Reputation: 2030
Access multiple devices in Docker container without --privileged flag
I have an arbitrary number of devices (/dev/abc0, /dev/abc1, ...) to use within a Docker container. If I pass them individually to the container with docker run --device /dev/abc0 --device /dev/abc1 they are accessible. The complication here is that, as far as I know, there is no way to pass all devices /dev/abc* into the container.
If I instead mount /dev with docker run -v /dev I need the --privileged flag. I have not found a specific capability to use with --cap-add which enables the devices without --privileged. Can this be done?
Upvotes: 1
Views: 1630
Answers (1)
Reputation: 2030
A little more experimentation yielded a potential solution. Provided the /dev/abc* devices have major device number 123, access to these devices (only) can be provided with:
docker run -v /dev --device-cgroup-rule='c 123:* rmw'
Upvotes: 1
Related Questions
- Docker start privileged?
- Can I run Docker-in-Docker without using the --privileged flag
- Docker Access to Raspberry Pi GPIO Pins --privileged does not work
- How to access docker host filesystem from privileged container
- Docker- Any way to provide multiple USB device Access (Not using --privilaged)?
- Using docker run --privileged to host a single USB device
- docker: how to make all devices available?
- Can I use privileged Docker container to spawn other containers on host?
- Run command as --privileged in Dockerfile
- Restricting access to a Docker container