diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
index 0b0ca02606aea845b243c443a55fa2900b7c2924..275e2502639107b172c399fc2e7d703bb6932886 100644
--- a/src/lxc/lxc_cgroup.c
+++ b/src/lxc/lxc_cgroup.c
@@ -347,6 +347,7 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def,
             goto cleanup;
     }
 
+    VIR_DEBUG("Allowing any disk block devs");
     for (i = 0; i < def->ndisks; i++) {
         if (def->disks[i]->type != VIR_DOMAIN_DISK_TYPE_BLOCK)
             continue;
@@ -360,6 +361,7 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def,
             goto cleanup;
     }
 
+    VIR_DEBUG("Allowing any filesystem block devs");
     for (i = 0; i < def->nfss; i++) {
         if (def->fss[i]->type != VIR_DOMAIN_FS_TYPE_BLOCK)
             continue;
@@ -372,6 +374,7 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def,
             goto cleanup;
     }
 
+    VIR_DEBUG("Allowing any hostdev block devs");
     for (i = 0; i < def->nhostdevs; i++) {
         virDomainHostdevDefPtr hostdev = def->hostdevs[i];
         virUSBDevicePtr usb;
@@ -423,6 +426,8 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def,
                                   VIR_CGROUP_DEVICE_RWM) < 0)
         goto cleanup;
 
+    VIR_DEBUG("Device whitelist complete");
+
     ret = 0;
 cleanup:
     return ret;