For the future, please also consider that in cgroupv2 there are no interface files for controlling access rules:
https://elixir.bootlin.com/linux/latest/source/Documentation/admin-guide/cgroup-v2.rst#L2018
"Cgroup v2 device controller has no interface files and is implemented on top of cgroup BPF. To control access to device files, a user may create bpf programs of the BPF_CGROUP_DEVICE type and attach them to cgroups. On an attempt to access a device file, corresponding BPF programs will be executed, and depending on the return value the attempt will succeed or fail with -EPERM."
Thanks for looking into this!
For the future, please also consider that in cgroupv2 there are no interface files for controlling access rules:
https:/ /elixir. bootlin. com/linux/ latest/ source/ Documentation/ admin-guide/ cgroup- v2.rst# L2018
"Cgroup v2 device controller has no interface files and is implemented on top of cgroup BPF. To control access to device files, a user may create bpf programs of the BPF_CGROUP_DEVICE type and attach them to cgroups. On an attempt to access a device file, corresponding BPF programs will be executed, and depending on the return value the attempt will succeed or fail with -EPERM."