A known-working LXC config file I've used with Gentoo & Debian

test01.conf

lxc.utsname = test01.tobert.org
lxc.rootfs = /srv/md0/lxc/test01
#lxc.tty = 1
lxc.console = /tmp/test01-console.log
lxc.cgroup.cpuset.cpus = 0
lxc.cgroup.cpu.shares = 100
lxc.mount.entry=none proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry=none dev/shm tmpfs defaults 0 0
lxc.mount.entry=none dev/pts devpts defaults 0 0

lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.hwaddr = 4a:49:43:49:79:bd
lxc.network.ipv4 = 192.168.4.32/24

lxc.cgroup.devices.deny = a
lxc.cgroup.devices.allow = c 1:3 rwm # /dev/null
lxc.cgroup.devices.allow = c 1:5 rwm # /dev/zero
lxc.cgroup.devices.allow = c 5:1 rwm # /dev/console
lxc.cgroup.devices.allow = c 5:0 rwm # /dev/tty
lxc.cgroup.devices.allow = c 4:0 rwm # /dev/tty0
lxc.cgroup.devices.allow = c 1:9 rwm # /dev/random
lxc.cgroup.devices.allow = c 1:8 rwm # /dev/urandom
lxc.cgroup.devices.allow = c 136:* rwm # /dev/pts/*
lxc.cgroup.devices.allow = c 5:2 rwm   # /dev/pts/ptmx
#lxc.cgroup.devices.allow = c 254:0 rwm
lxc.cap.drop = sys_boot sys_module sys_time