Hey there!
Just got up and running with Proxmox and ZFS RAID1, so far everything is working as expected, but I'd like to know if I can improve things a little this time around.
I'm running an LXC Privileged container based upon Ubuntu 22.04 LTS, which I expect to run both Plex and BubbleUPNP server. Thing is, even though by adding their users and mine to both the render group and the video group I'm able to run vainfo successfully, none of the aforementioned programs can make use of ffmpeg and fail to take advantage of QuickSync/VA-API hardware acceleration unless I run their services as the root user.
One possible solution I found was to combine the calculator from here just to make sure I was doing things correctly and the approach outlined here to get the render group to show up as intended, but so far, while attaching myself to the container and testing for the right output shows that the permissions were changed correctly, it also had the unintended side effect of breaking the filesystem's permissions everywhere else:
Is there anything I might be doing wrong?
I'll make sure to attach the LXC's configuration files I changed. Thanks for the help!
Just got up and running with Proxmox and ZFS RAID1, so far everything is working as expected, but I'd like to know if I can improve things a little this time around.
I'm running an LXC Privileged container based upon Ubuntu 22.04 LTS, which I expect to run both Plex and BubbleUPNP server. Thing is, even though by adding their users and mine to both the render group and the video group I'm able to run vainfo successfully, none of the aforementioned programs can make use of ffmpeg and fail to take advantage of QuickSync/VA-API hardware acceleration unless I run their services as the root user.
One possible solution I found was to combine the calculator from here just to make sure I was doing things correctly and the approach outlined here to get the render group to show up as intended, but so far, while attaching myself to the container and testing for the right output shows that the permissions were changed correctly, it also had the unintended side effect of breaking the filesystem's permissions everywhere else:
UbuntuLXC# ls -lah /dev/dri
total 0
drwxr-xr-x 2 root root 60 May 28 05:12 .
drwxr-xr-x 7 root root 540 May 28 05:12 ..
crw-rw---- 1 nobody render 226, 128 May 27 09:58 renderD128
ls -lah /
total 82K
drwxr-xr-x 17 nobody nogroup 24 May 28 05:12 .
drwxr-xr-x 17 nobody nogroup 24 May 28 05:12 ..
lrwxrwxrwx 1 nobody nogroup 7 Apr 24 2022 bin -> usr/bin
drwxr-xr-x 2 nobody nogroup 2 Apr 18 2022 boot
drwxr-xr-x 7 root root 540 May 28 05:12 dev
drwxr-xr-x 80 nobody nogroup 170 May 28 05:12 etc
-rw-r--r-- 1 root root 0 May 28 05:12 fastboot
drwxr-xr-x 5 nobody nogroup 5 May 28 00:25 home
lrwxrwxrwx 1 nobody nogroup 7 Apr 24 2022 lib -> usr/lib
lrwxrwxrwx 1 nobody nogroup 9 Apr 24 2022 lib32 -> usr/lib32
lrwxrwxrwx 1 nobody nogroup 9 Apr 24 2022 lib64 -> usr/lib64
lrwxrwxrwx 1 nobody nogroup 10 Apr 24 2022 libx32 -> usr/libx32
drwxr-xr-x 2 nobody nogroup 2 Apr 24 2022 media
drwxr-xr-x 3 nobody nogroup 3 May 27 21:30 mnt
drwxr-xr-x 4 nobody nogroup 4 May 27 21:27 opt
dr-xr-xr-x 375 nobody nogroup 0 May 28 05:12 proc
drwx------ 7 nobody nogroup 17 May 28 00:57 root
drwxr-xr-x 12 root root 420 May 28 05:14 run
lrwxrwxrwx 1 nobody nogroup 8 Apr 24 2022 sbin -> usr/sbin
drwxr-xr-x 2 nobody nogroup 2 Apr 24 2022 srv
dr-xr-xr-x 13 nobody nogroup 0 May 28 05:12 sys
drwxrwxrwt 10 nobody nogroup 10 May 28 05:12 tmp
drwxr-xr-x 14 nobody nogroup 14 Apr 24 2022 usr
drwxr-xr-x 11 nobody nogroup 13 Apr 24 2022 var
Is there anything I might be doing wrong?
I'll make sure to attach the LXC's configuration files I changed. Thanks for the help!
sudo cat /etc/pve/lxc/500.conf
arch: amd64
cores: 4
features: fuse=1,mknod=1,mount=nfs;cifs,nesting=1
hostname: UbuntuLXC
memory: 1024
nameserver: 1.1.1.1
net0: name=eth0,bridge=vmbr0,gw=192.168.1.1,hwaddr=E6:41:18:9C:E8:79,ip=192.168.1.31/24,ip6=dhcp,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-zfs:subvol-500-disk-1,size=128G
startup: order=4,up=0,down=0
swap: 2048
lxc.cgroup2.devices.allow: c 226:0 rwm
lxc.cgroup2.devices.allow: c 226:128 rwm
lxc.mount.entry: /dev/fb0 dev/fb0 none bind,optional,create=file
lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file 0 0
lxc.idmap: u 0 100000 65536
lxc.idmap: g 0 100000 108
lxc.idmap: g 108 103 1
lxc.idmap: g 109 100109 65427
sudo cat /etc/subgid
root:100000:65536
toasterdev:165536:65536
root:103:1