docker faq on raspberry pi 2

13 July 2015

access sound card on docker container

docker create --name soundtest -h soundtest --device=/dev/snd:/dev/snd  jessie:ssh

docker start soundtest

using --privileged would grant all capabilities inside a container

docker create --name allpriv -h allpriv --privileged jessie:ssh

To change the status of the container’s interfaces:

docker run --cap-add=NET_ADMIN ubuntu sh -c "ip link eth0 down"

To prevent any `chown` in the container:

docker run --cap-drop=CHOWN ...

To allow all capabilities except `mknod`:

docker run --cap-add=ALL --cap-drop=MKNOD ...

