LXC USB Device Passthrough

I am trying to create an LXC container running mythtv (server) ... which needs access to USB tuners.

There seems to be a dearth of information on how to pass USB devices through to an LXC container.

This post discusses the need to set cgroups appropriately: https://unix.stackexchange.com/questions/137931/usb-passthrough-for-lxc-containers

The host is Ubuntu 14.04 (Trusty) which is successfully running other unprivileged LXC containers accessed via X2Go and direct to X11 (1 of each type running "permanently" and working well). The base config has (only) been changed to place container storage in a custom location (dedicated LVM partition).

The container in question is (a) privileged (b) running Ubuntu Trusty AMD64 (c) has cgroups set in the config file "lxc.cgroup.devices.allow = c 189:* rwm" which seems appropriate given that the major / minor ids of the USB devices in question are found using "ls -la /dev/bus/usb/003/"

AppArmor doesn't seem to be the primary issue (though I could be wrong). I have tried setting "lxc.aa_profile = unconfined", which didn't seem to help. I also created a custom AppArmor profile, which just led to a series of cgroup errors. I'm stumped and don't even know where to start - Google searches turn up discussions of Libvirt-based USB passthrough and a patch for LXC USB passthrough, but no instructions for non-Libvirt situations.

Could someone please advise how to go about this?

Thanks


Basically the answer is that -

  1. You need to bind mount the host devices you want to access, e.g.

    mount --bind /dev/dvb /path_to_your_container/rootfs/dev/dvb

     ... remember to create the target directory first.

  2. Ensure you're either using a privileged container or you have granted the host's owner of an unprivileged container access to the device(s) you mounted above.
  3. Add the relevant cgroup entry in your container config file (or /etc/lxc/lx.conf for all privileged containers), i.e. lxc.cgroup.devices.allow = c xxx:* rwm, where xxx = the "major" part of the major:minor id found using ls -la /dev/dvb, say ... 212 for DVB or 189 for USB (on my system). Thus for my case, DVB access is granted via lxc.cgroup.devices.allow = c 212:* rwm

AppArmor changes are unnecessary ... the bind mount and cgroup entry were sufficient to enable container access to DVB devices (which happen to be USB devices, BUT it was not necessary to enable access to "USB" devices as well ... just the DVB devices in /dev/dvb).
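The cgroup step from the answer above, as an added example that is not part of the original answer: a helper that reads `ls -la` output for a device directory and prints the matching `lxc.cgroup.devices.allow` lines. The function name `devices_allow` and the sample listing are constructed for illustration, and the `exact` mode goes beyond the answer by granting individual major:minor pairs instead of a whole major.

```shell
#!/bin/sh
# Constructed sample of `ls -la /dev/dvb/adapter0` output (not from a real host).
SAMPLE_LS='total 0
drwxr-xr-x 2 root root     120 Jan  1 00:00 .
drwxr-xr-x 3 root root      60 Jan  1 00:00 ..
crw-rw---- 1 root video 212, 0 Jan  1 00:00 demux0
crw-rw---- 1 root video 212, 1 Jan  1 00:00 dvr0
crw-rw---- 1 root video 212, 3 Jan  1 00:00 frontend0'

# devices_allow MODE: read `ls -la` lines on stdin, print container config lines.
#   MODE=major -> one "c MAJOR:* rwm" line per major number (what the answer uses)
#   MODE=exact -> one "c MAJOR:MINOR rwm" line per node (narrower grant; minor
#                 numbers can change on re-plug, so regenerate when they do)
devices_allow() {
    awk -v mode="$1" '
        # Device nodes start with c (char) or b (block); for them ls prints
        # "MAJOR," in field 5 and the minor number in field 6.
        /^[cb]/ && $5 ~ /^[0-9]+,$/ && $6 ~ /^[0-9]+$/ {
            type = substr($0, 1, 1)
            major = $5
            sub(/,$/, "", major)
            if (mode == "exact")
                key = type " " major ":" $6
            else
                key = type " " major ":*"
            # Print each distinct rule only once.
            if (!(key in seen)) {
                seen[key] = 1
                print "lxc.cgroup.devices.allow = " key " rwm"
            }
        }'
}

# On a real host: ls -la /dev/dvb/adapter0 | devices_allow major
printf '%s\n' "$SAMPLE_LS" | devices_allow major
```

Directories and the `total` line are skipped, so the output can be appended to the container config after review.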