handling device hotplug

[martinetd]

Hello,

Right now when one of our users want hotplug for some kind of device (usb storage, input, camera...), we recommend to just bind mount /dev (or a part of thereof) and eventually set --network host for netlink events if the application requires it (e.g. libinput listens there to handle new devices)

I don't think proxifying netlink events is going to be viable, so this particular requirement of input device can stay separate, but I was wondering if there's something better than bind mounting /dev?
For e.g. input devices we can restrict the bind mount to /dev/input, but for disks for example there's nothing short of /dev that'd contain /dev/sda (assuming we can't use /dev/disk/by-*).

There's no way of specifying paths to 'watch and replicate in container' for --device as far as I know (and that sounds like feature creep to me...), but perhaps that might be something to consider for a (much) later version... (Not asking for anything at this point, just thinking out loud)

Another idea I had was to add a udev rule on the host side that would restart the container with any new device added as a device comes in, but if the container is in the middle of doing something that doesn't sound like it's always safe to do.

Thanks!