[lxc-users] Device node in LXC is not accessible when connected via SSH

Tue, 28 Jan 2020 00:24:54 -0800 

Hello everyone,

I have a problem where a physical hardware device passed through to an LXC 
container cannot be read from or written to when I am connected via SSH.

The device node of my physical hardware device looks like this:

        myuser@myhost:~$ ls -la /dev/usb/hiddev0
        crw-rw-rw- 1 root root 180, 0 Jul 30 10:27 /dev/usb/hiddev0

This is how I create and start my container:

        myuser@myhost:~$ sudo lxc-create -q -t debian -n mylxc -- -r stretch
        myuser@myhost:~$ sudo lxc-start -n mylxc

Then I add the device node to the LXC:

        myuser@myhost:~$ sudo lxc-device -n mylxc add /dev/usb/hiddev0

Afterwards the device is available in the LXC and I can read from it after 
having attached to the LXC:

        myuser@myhost:~$ sudo lxc-attach -n mylxc
        root@mylxc:/# ls -la /dev/usb/hiddev0
        crw-r--r-- 1 root root 180, 0 Aug 27 11:26 /dev/usb/hiddev0
        root@mylxc:/# cat /dev/usb/hiddev0
        ����������^C
        root@mylxc:/#

I then enable root access via SSH without a password:

        myuser@myhost:~$ sudo lxc-attach -n mylxc
        root@mylxc:/# sed -i 's/#\?PermitRootLogin.*/PermitRootLogin yes/g' 
/etc/ssh/sshd_config
        root@mylxc:/# sed -i 's/#\?PermitEmptyPasswords.*/PermitEmptyPasswords 
yes/g' /etc/ssh/sshd_config
        root@mylxc:/# sed -i 's/#\?UsePAM.*/UsePAM no/g' /etc/ssh/sshd_config
        root@mylxc:/# passwd -d root
        passwd: password expiry information changed.
        root@mylxc:/# /etc/init.d/ssh restart
        Restarting ssh (via systemctl): ssh.service.
        root@mylxc:/# exit

When I connect via SSH now, the device node is there, but I cannot access it:

        myuser@myhost:~$ ssh root@<lxc-ip-address>
        root@mylxc:~# ls -la /dev/usb/hiddev0
        crw-r--r-- 1 root root 180, 0 Aug 27 11:26 /dev/usb/hiddev0
        root@mylxc:~# cat /dev/usb/hiddev0
        cat: /dev/usb/hiddev0: Operation not permitted

In both cases (lxc-attach and ssh) I am the root user (verified via whoami), so 
this cannot be the problem.

Why am I not allowed to access the device when I am connected via SSH?

Mit freundlichen Grüßen / Best regards
Tim Jaacks
DEVELOPMENT ENGINEER
Garz & Fricke GmbH
Schlachthofstrasse 20
21079 Hamburg
Direct: +49 40 791 899 - 183
Fax: +49 40 791899 - 39
tim.jaa...@garz-fricke.com
www.garz-fricke.com
WE MAKE IT YOURS!

Sitz der Gesellschaft: D-21079 Hamburg
Registergericht: Amtsgericht Hamburg, HRB 60514
Geschäftsführer: Matthias Fricke, Manfred Garz, Marc-Michael Braun

_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Reply via email to