meta data for this page
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
vm:proxmox:lxc:devices_access [2023/06/20 18:25] – niziak | vm:proxmox:lxc:devices_access [2023/06/20 20:54] – niziak | ||
---|---|---|---|
Line 5: | Line 5: | ||
* serial port forwarding | * serial port forwarding | ||
- | ===== privileged LXCs ===== | + | ===== serial port ===== |
+ | |||
+ | ==== privileged LXCs ==== | ||
Only need to bind mount device node. | Only need to bind mount device node. | ||
Line 16: | Line 18: | ||
Device major 188 is for '' | Device major 188 is for '' | ||
- | ===== unprivileged LXCs ===== | + | ==== unprivileged LXCs ==== |
Unprivileged LXCs has UIDs and GIDs mapped to defines subid and subgids ranges. | Unprivileged LXCs has UIDs and GIDs mapped to defines subid and subgids ranges. | ||
Line 27: | Line 29: | ||
is to do not touch ''/ | is to do not touch ''/ | ||
- | + | ==== References ==== | |
- | ===== References | + | |
* [[https:// | * [[https:// | ||
Line 35: | Line 36: | ||
* Zigbee2MQTT automated LXC setup scripts (privileged containers): | * Zigbee2MQTT automated LXC setup scripts (privileged containers): | ||
* [[https:// | * [[https:// | ||
+ | |||
+ | |||
+ | ====== DRI forward ====== | ||
+ | |||
+ | |||
+ | Host system (Proxmox): | ||
+ | |||
+ | <code bash> | ||
+ | $ls -ln /dev/dri | ||
+ | |||
+ | crw-rw---- 1 0 44 226, 0 03-26 11:53 card0 | ||
+ | crw-rw---- 1 0 103 226, 128 03-26 11:53 renderD128 | ||
+ | </ | ||
+ | |||
+ | In unprivileged PCT GIDs and UIDs are shifted +100000, so if guest wants to access device with GID=44, from host point of view it is accessing it as GID=100044. | ||
+ | So now is needed to do shift GID 44 and GID 103. | ||
+ | Idea is to define ranges of GID mappings to map all other GID to be shifted by +100000: | ||
+ | |||
+ | ^ Container GID ^ Host GID ^ count ^ | ||
+ | | 0..43 | 100000..100043 | ||
+ | | 44 | 44 | 1 | | ||
+ | | 45..102 | ||
+ | | 103 | 103 | 1 | | ||
+ | | 104..65535 | ||
+ | |||
+ | |||
+ | Here is a tool [[https:// | ||
+ | |||
+ | |||
+ | Allow LXC (running as root) to map GID 44 and 103 to new ones: | ||
+ | |||
+ | <file / | ||
+ | root: | ||
+ | root:44:1 | ||
+ | root:103:1 | ||
+ | </ | ||
+ | |||
+ | |||
+ | PCT config file: | ||
+ | <file ini / | ||
+ | lxc.cgroup2.devices.allow: | ||
+ | lxc.cap.drop: | ||
+ | lxc.cgroup2.devices.allow: | ||
+ | lxc.cgroup2.devices.allow: | ||
+ | lxc.mount.entry: | ||
+ | lxc.mount.entry: | ||
+ | lxc.mount.entry: | ||
+ | lxc.idmap: u 0 100000 65536 | ||
+ | lxc.idmap: g 0 100000 44 | ||
+ | lxc.idmap: g 44 44 1 | ||
+ | lxc.idmap: g 45 100045 58 | ||
+ | lxc.idmap: g 103 103 1 | ||
+ | lxc.idmap: g 104 100104 65431 | ||
+ | </ | ||
+ | |||
+ | Guest system: | ||
+ | |||
+ | <code bash> | ||
+ | usermod -aG 44 user | ||
+ | usermod -aG 103 user | ||
+ | apt install drm-info | ||
+ | drm_info | ||
+ | </ | ||
+ | |||
+ |