8.2.5 devices Parameters

The following devices parameters are defined:

devices.allow

Specifies a device that a cgroup is allowed to access by its type (a for any, b for block, or c for character), its major and minor numbers, and its access modes (m for create permission, r for read access, and w for write access).

For example, b 8:17 rw would allow read and write access to the block device /dev/sdb1.

You can use the wildcard * to represent any major or minor number. For example, b 8:* rw would allow read and write access to any /dev/sd* block device.

Each device that you specify is added to the list of allowed devices.

devices.deny

Specifies a device that a cgroup is not allowed to access.

Removes each device that you specify from the list of allowed devices.

devices.list

Reports those devices for which access control is set. If no devices are controlled, all devices are reported as being available in all access modes: a *:* rwm.