general/other Passing host device /dev/cuaU0 to Podman linux container?

[PeterSprague]

On FreeBSD 14.2, installed and running some #hamradio software inside a podman fedora container (https://github.com/la5nta/pat). I need the linux container for ax25 for one of my radios on 2m packet.

Pat is installed and runs inside the container using telnet, but I can't figure out how to provide radio serial communications via host /dev/cuaU0 to Pat inside the container. Tried:

$ sudo podman run --os=linux --net=host --device=/dev/cuaU0:/dev/ttyUSB0:rw -ti --rm localhost/pat-freebsd-fedora41:001 bash
    Error: container device must be the same as host device on FreeBSD
$ sudo podman run --os=linux --net=host --device=/dev/cuaU0:/dev/cuaU0:rw -ti --rm localhost/pat-freebsd-fedora41:001 bash
    Error: devfs not found in generator
$ man podman-run ([URL]https://man.freebsd.org/cgi/man.cgi?query=podman-run&sektion=1&apropos=0&manpath=FreeBSD+13.2-RELEASE+and+Ports[/URL]) makes no mention of these issues and shows differing device names between the host and container in the example

Solutions or ideas how to solve this?

Thanks,
Peter

 

[Phishfry]

Chose devfs rules number or add from command prompt:

Thread 64924

Also take a look at /etc/defaults/devfs.rules. This is a prototype file so do not edit. Settings go in rc.conf

# Devices usually found in a jail.
#
[devfsrules_jail=4]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path fuse unhide
add path zfs unhide

[devfsrules_jail_vnet=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add include $devfsrules_jail
add path pf unhide

devfs.rules

man.freebsd.org

 

[Andriy]

I think that --device with --os=linux just does not really work at the moment.

 

[dfr]

This is not something I ever tested and it looks like it is just broken. For running Linux containers on FreeBSD, Podman modifies the OCI runtime config to add FreeBSD bits such as devfs and it seems that this happens after the code path which adds devices to the config. If I can come up with a reasonable fix, I'll update the Podman port with a patch.

 

[dfr]

This patch to Podman seems to fix the issue - I will update the port and get this change moving upstream.

diff --git a/pkg/specgen/generate/oci_freebsd.go b/pkg/specgen/generate/oci_freebsd.go
index 553e7c34d2..9b4fa8c42e 100644
--- a/pkg/specgen/generate/oci_freebsd.go
+++ b/pkg/specgen/generate/oci_freebsd.go
@@ -50,28 +50,6 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
g.AddAnnotation(key, val)
}

- // Devices
- var userDevices []spec.LinuxDevice
- if !s.IsPrivileged() {
- // add default devices from containers.conf
- for _, device := range rtc.Containers.Devices.Get() {
- if err = DevicesFromPath(&g, device, rtc); err != nil {
- return nil, err
- }
- }
- if len(compatibleOptions.HostDeviceList) > 0 && len(s.Devices) == 0 {
- userDevices = compatibleOptions.HostDeviceList
- } else {
- userDevices = s.Devices
- }
- // add default devices specified by caller
- for _, device := range userDevices {
- if err = DevicesFromPath(&g, device.Path, rtc); err != nil {
- return nil, err
- }
- }
- }
-
g.ClearProcessEnv()
for name, val := range s.Env {
g.AddProcessEnv(name, val)
@@ -134,6 +112,28 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
configSpec.Mounts = mounts
}

+ // Devices
+ var userDevices []spec.LinuxDevice
+ if !s.IsPrivileged() {
+ // add default devices from containers.conf
+ for _, device := range rtc.Containers.Devices.Get() {
+ if err = DevicesFromPath(&g, device, rtc); err != nil {
+ return nil, err
+ }
+ }
+ if len(compatibleOptions.HostDeviceList) > 0 && len(s.Devices) == 0 {
+ userDevices = compatibleOptions.HostDeviceList
+ } else {
+ userDevices = s.Devices
+ }
+ // add default devices specified by caller
+ for _, device := range userDevices {
+ if err = DevicesFromPath(&g, device.Path, rtc); err != nil {
+ return nil, err
+ }
+ }
+ }
+
// BIND MOUNTS
configSpec.Mounts = SupersedeUserMounts(mounts, configSpec.Mounts)
// Process mounts to ensure correct options

 

[Andriy]

Thank you very much!