lxc passthrough to already running container?


Renowned Member
Aug 14, 2010
Northwest NSW, Australia
Is there an equivalent lxc command for the old "vzctl set <vmid> devnodes <device>:rw"?

I have a somewhat unstable USB serial device I need passed to an LXC container. On PVE3.4, I used the above command in a udev rule to automatically reconnect the device each time it reinitialized on the host. I need to move that container to a PVE6 host now.

I've got the device passed already using a lxc.mount.entry line, and it works fine. But after a while, when it has one of it's unstable moments, it becomes inaccessible on the container (still shows up, but can't be accessed). I need to find a command that can force lxc to re-add it to the container.

Edit: I should add that I've tried "lxc-device -n <vmid> add /dev/ttyUSB0", but it just gives the following error (with or without the device already passed):
lxc-device: <vmid>: lxccontainer.c: do_add_remove_node: 4624 Value too large for defined data type - Failed to create device node at "/dev/ttyUSB0"

Got the same issue here. Google hasn't been much help on this. I'm on PVE5.4
I'm overseas at the moment, so the best I can do is a quick SSH into the host I needed this to work on.... In my udev rules, I have the following for the device I needed added (the "RUN" section is the command it runs). No idea if it's actually working, but the weather station has been reporting just fine, so I think it is.

ACTION=="add", ATTRS{interface}=="CP2102 USB to UART Bridge Controller", SYMLINK+="ttyVantagePro", RUN+="lxc-device -n 103 add /dev/ttyVantagePro"
Well, hadn't fully understood this issue until reading this article, still don't fully understand tbh. I'd never written udev rules so understanding that came first, there are plenty of good guides on the subject in the wild. The gist:

Create udev rule to give device a persistent name:

SUBSYSTEM=="video4linux", ATTRS{idVendor}=="VENDOR_ID", ATTRS{idProduct}=="PRODUCT_ID", ATTR{name}=="CAMERA_NAME", SYMLINK+="webcam/video0"
SUBSYSTEM=="media", ATTRS{idVendor}=="VENDOR_ID", ATTRS{idProduct}=="PRODUCT_ID", ATTR{model}=="CAMERA_NAME", SYMLINK+="webcam/media0"

The webcam has more than one entry into '/dev'.

To the containers' config, add:

lxc.apparmor.profile = unconfined
lxc.cgroup.devices.allow = c 81:* rwm
lxc.cgroup.devices.allow = c 240:* rwm
lxc.mount.entry = /dev/webcam dev/webcam none bind,optional,create=dir

Finally, run 'lxc-device -n [CT_ID] -- add /dev/PERSISTENT_NAME_SET_BY_UDEV_RULE'

Following the aforementioned article was not 100% accurate, I had to enter the 4 lines in the config under '/var/lib/lxc/[CT_ID]/config' not under '/etc/pve/lxc/[CT_ID].conf' and only then could I run 'lxc-device -n [CT_ID] -- add /dev/DEVx'. So, I've semi-successfully added a webcam to a container running OBS, I see what I expect under '/dev' but obs doesn't recognize the device, so I also installed cheese in the container just to see if it was isolated to obs, and cheese also doesn't recognize the webcam. So, I suspect it has something to do with the fact that the webcam isn't just a single device under 'dev'; '/dev/char/', '/dev/input', '/dev/ptmx', '/dev/v4l' and '/dev/snd' all change when I connect the webcam. Do I have to create udev rules for all of the above I wonder??

Another thing I'm not 100% is correct are the permissions for the two entries are 'nobody:nogroup', shouldn't it be 'root:somethingelse'?
Last edited:


The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!