VDR : Passthrought USB TV tuner (DVB RTL2838) to unprivileged container inside Debian Bullseye host

  • I’m using lxc on a Debian Bullseye server.

    I run all my containers (Debian Bullseye ones too) unprivileged with the lxc-unpriv-start command.


    I’m trying to use VDR with a USB DVB TV tuner (RTL2838) inside my lxc container.

    So I have to do some USB passthrough


    on host:

    lsusb

    returns my USB DVB adapter:

    Bus 001 Device 003: ID 0bda:2838 Realtek Semiconductor Corp. RTL2838 DVB-T


    ls -l /dev/bus/usb/001

    returns:

    Code
    1. total 0
    2. crw-rw-r-- 1 root root 189, 0 16 mai 21:25 001
    3. crw-rw-r-- 1 root root 189, 1 16 mai 21:25 002
    4. crw-rw-r-- 1 root root 189, 2 16 mai 21:25 003


    ls -l /dev/dv

    returns:

    Code
    1. total 0
    2. drwxr-xr-x 2 root root 120 16 mai 21:25 adapter0


    ls -l /dev/dvb/adapter0

    returns:

    Code
    1. total 0
    2. crw-rw----+ 1 root video 212, 0 16 mai 21:25 demux0
    3. crw-rw----+ 1 root video 212, 1 16 mai 21:25 dvr0
    4. crw-rw----+ 1 root video 212, 3 16 mai 21:25 frontend0
    5. crw-rw----+ 1 root video 212, 2 16 mai 21:25 net0


    On the host as non root user:

    nano /home/mynonrootusername/.local/share/lxc/mycontainername/config

    is set this way:


    On the host as root user:
    nano /etc/lxc/default.conf

    Is set this way:

    Code
    1. lxc.net.0.type = veth
    2. lxc.net.0.link = lxcbr0
    3. lxc.net.0.flags = up
    4. lxc.apparmor.profile = generated

    On the host as nonroot user I start my container like this:

    lxc-unpriv-start -n mycontainername

    lxc-unpriv-attach -n mycontainername

    (Please care of the use of -unpriv part)


    Inside the container as non root user:

    ls -la /dev/bus/usb/001

    returns

    Code
    1. total 0
    2. drwxr-xr-x 2 nobody nogroup 100 May 16 19:25 .
    3. drwxr-xr-x 3 root root 60 May 16 20:36 …
    4. crw-rw-r-- 1 nobody nogroup 189, 0 May 16 19:25 001
    5. crw-rw-r-- 1 nobody nogroup 189, 1 May 16 19:25 002
    6. crw-rw-r-- 1 nobody nogroup 189, 2 May 16 19:25 003


    and

    ls -la /dev/dvb

    returns

    Code
    1. total 0
    2. drwxr-xr-x 3 root root 60 May 16 20:36 .
    3. drwxr-xr-x 7 root root 540 May 16 20:36 …
    4. drwxr-xr-x 2 nobody nogroup 120 May 16 19:25 adapter0


    and

    ls -la /dev/dvb/adapter0

    returns

    Code
    1. total 0
    2. drwxr-xr-x 2 nobody nogroup 120 May 16 19:25 .
    3. drwxr-xr-x 3 root root 60 May 16 20:36 …
    4. crw-rw----+ 1 nobody nogroup 212, 0 May 16 19:25 demux0
    5. crw-rw----+ 1 nobody nogroup 212, 1 May 16 19:25 dvr0
    6. crw-rw----+ 1 nobody nogroup 212, 3 May 16 19:25 frontend0
    7. crw-rw----+ 1 nobody nogroup 212, 2 May 16 19:25 net0

    but when I launch vdr inside container as non root user:

    vdr

    I get

    vdr: no primary device found - using first device!


    What am I missing?


    I guess I should do something with the host video group.

    So on the host as non root user, I modified as listed:

    I modified the file to add the “video” line:



    nano /etc/subuid

    Code
    1. mynonrootusername:100000:65536
    2. video:44:1

    nano /etc/subgid

    Code
    1. mynonrootusername:100000:65536
    2. video:44:1


    I tried to extend the mapping to add the “video” group to the container but must have do it wrong

    Code
    1. lxc.idmap = u 0 100000 65536
    2. lxc.idmap = g 0 100000 65536
    3. lxc.idmap = u 44 165536 1
    4. lxc.idmap = g 44 165536 1

    or

    Code
    1. lxc.idmap = u 0 100000 44
    2. lxc.idmap = g 0 100000 44
    3. lxc.idmap = u 44 44 1
    4. lxc.idmap = g 44 44 1
    5. lxc.idmap = u 45 100045 65491
    6. lxc.idmap = g 45 100045 65491

    are giving an error at container startup:

    tools/lxc_start.c: main: 308 The container failed to start


    Do you think there is a way to make this working, and could you help me to do so?

  • Hi,

    vdr: no primary device found - using first device!

    Is only a status message, no real error.

    You can try to use vdr with the dynamite-Plugin (the vdr has to be patched for this plugin, which simulates all tuners are present and mounts a tuner into the slot, if it is found) , then no tuner is needed for starting VDR. Or you can test with the iptv-Plugin (you should add a working channels.conf). Then you'll if VDR starts.

    Do you have started a frontend-plugin? This is necessary. Streamdev-Server and the live-plugin will work.

    Forcreal help, we need a syslog from the system and VDR start.

    Regards Stefan

    Test-VDR1: HP rp5700 Fertigsystem, Core2Duo E6400, 2GB RAM, FF-SD C-2300, nvidia Slim-GT218 x1 | easyVDR 2.0 64Bit
    VDR3: in Rente

    VDR4: MSI G31M2 v2, Digitainer2-Geh., t6963c 6" gLCD, E5200, 2GB, 3TB WD Red, GT730, 2x TT S2-3200; easyVDR 3.5 64bit
    VDR5: Gigabyte
    GA-G31M-S2L, Intel E2140, Zotac GT730 passiv, Digitainer2-Geh., t6963c 6 " gLCD, 2 TB WD Red, 2x TT S2-3200 (an 1 Kabel) easyVDR 3.5 64bit
    VDR6:
    Intel E5200, GT630 passiv, F1 750 GB, t6963c gLCD, 2x TT S2-3200 | easyVDR 3.5 64bit
    VDR-User #1068
    www.easy-vdr.de

  • Hi,

    vdr: no primary device found - using first device!

    Is only a status message, no real error.

    Thank you for your answer :)
    I tried to do a frequencies scan too with w_scan

    But same type of result:

    main:4004: FATAL: ***** NO USEABLE TERRESTRIAL CARD FOUND. *****


    I didn't add plugins as inside the container,

    ls -la /dev/dvb/adapter0

    returns some nobody/nogroup

    Code
    1. total 0
    2. drwxr-xr-x 2 nobody nogroup 120 May 16 19:25 .
    3. drwxr-xr-x 3 root root 60 May 16 20:36 …
    4. crw-rw----+ 1 nobody nogroup 212, 0 May 16 19:25 demux0
    5. crw-rw----+ 1 nobody nogroup 212, 1 May 16 19:25 dvr0
    6. crw-rw----+ 1 nobody nogroup 212, 3 May 16 19:25 frontend0
    7. crw-rw----+ 1 nobody nogroup 212, 2 May 16 19:25 net0

    I was guessing this as to be solved before right?


    Was is the the best way (or the only one?) to do the usb dvb adapter passthrough with an unprivileged lxc container?

    Does it involve the "video" group (guid 44)?



    You can try to use vdr with the dynamite-Plugin (the vdr has to be patched for this plugin, which simulates all tuners are present and mounts a tuner into the slot, if it is found) , then no tuner is needed for starting VDR. Or you can test with the iptv-Plugin (you should add a working channels.conf). Then you'll if VDR starts.

    Do you have started a frontend-plugin? This is necessary. Streamdev-Server and the live-plugin will work.


    I don't find the dynamite-Plugin in my distribution repos, but I added two pluggins I have on my non lxc test computer where vdr was already working:

    • vdr-plugin-streamdev-server
    • vdradmin-am


    But no difference.


    Forcreal help, we need a syslog from the system and VDR start.

    here are the log:

    It seems to be this permission error with /dev/dvb/adapter0/frontend0




    I'm trying to map the video group but when I do:

    Code
    1. lxc.idmap = u 0 100000 65535
    2. lxc.idmap = g 0 100000 44
    3. lxc.idmap = g 44 44 1
    4. lxc.idmap = g 45 100045 65490

    the container doesn't start anymore.


    Is it because I’m trying to get my containers having different idmap rules?

    Should I use the security.idmap.isolated=true variable somehow?





  • Hi,

    Does it work as root?

    Try to start vdr as root. And maybe only the frontend in the user context.


    Have you tried with a iptv "tuner"? Vdr needs a tuner anyway! Or use dynamite-Plugin.


    ERROR (tools.c,1745): /var/cache/vdr/epg.data.$$$: Permission denied

    There is a a problem also.

    Check file rights.

    Sorry I only know VDRs behaviour a bit. I've no experience with containers

    Test-VDR1: HP rp5700 Fertigsystem, Core2Duo E6400, 2GB RAM, FF-SD C-2300, nvidia Slim-GT218 x1 | easyVDR 2.0 64Bit
    VDR3: in Rente

    VDR4: MSI G31M2 v2, Digitainer2-Geh., t6963c 6" gLCD, E5200, 2GB, 3TB WD Red, GT730, 2x TT S2-3200; easyVDR 3.5 64bit
    VDR5: Gigabyte
    GA-G31M-S2L, Intel E2140, Zotac GT730 passiv, Digitainer2-Geh., t6963c 6 " gLCD, 2 TB WD Red, 2x TT S2-3200 (an 1 Kabel) easyVDR 3.5 64bit
    VDR6:
    Intel E5200, GT630 passiv, F1 750 GB, t6963c gLCD, 2x TT S2-3200 | easyVDR 3.5 64bit
    VDR-User #1068
    www.easy-vdr.de