/dev/ttyUSB0 permission issues in HA container and Skyconnect
/dev/ttyUSB0 permission issues in HA container and Skyconnect
This integration worked before, but something changed. I'm guessing it's a user/group permission issue based on the logs. I would appreciate some feedback on this process while I troubleshoot.
Setup:
- Raspberry Pi 4 Model B Rev 1.1
- aarch64
- podman version 4.3.1
- ImageName: "ghcr.io/home-assistant/home-assistant:stable"
- ImageDigest: "sha256:067490d7b65cfa8b9e494a9447b0e5a7876be83ead7ec01738681c55d66e7cfe"
I created this script to be able to recreate my HA service with the latest container image:
#!/bin/bash
# Variables and env
PODMAN_NAME=home-assistant
loginctl enable-linger $USER
export XDG_RUNTIME_DIR=/run/user/$(id -u $USER)
# Cleanup
systemctl --user stop container-${PODMAN_NAME}.service
systemctl --user disable container-${PODMAN_NAME}.service
podman rm -f ${PODMAN_NAME}
# Pull images
podman pull --arch=arm ghcr.io/home-assistant/home-assistant:stable
# Create Home Assistant image
podman create \
--arch arm \
--env TZ=America/New_York \
--volume=/opt/home-assistant/config:/config \
--volume=/opt/home-assistant/config/www/media:/media \
--device /dev/ttyUSB0 \
--network=host \
--restart=always \
--name ${PODMAN_NAME} \
ghcr.io/home-assistant/home-assistant:stable
#--privileged \
#--annotation io.crun.keep_original_groups=1 \
# Generate user service with podman generate systemd
podman generate systemd --new --files --name ${PODMAN_NAME} --restart-policy=always
# Setup systemctl files correctly
mkdir -p ~/.config/sysetmd/user
mv container-${PODMAN_NAME}.service ~/.config/systemd/user/.
# Enable the service
systemctl --user enable container-${PODMAN_NAME}.service
# Start the service
systemctl --user start container-${PODMAN_NAME}.service
Recently my Zigbee integration stopped working. I'm certain it has to do with groups/user permissions for the container and the mounted usb device. here are the logs.
2023-10-04 01:19:38.443 ERROR (MainThread) [zigpy.application] Couldn't start application
Traceback (most recent call last):
File "/usr/local/lib/python3.11/site-packages/serial/serialposix.py", line 322, in open
self.fd = os.open(self.portstr, os.O_RDWR | os.O_NOCTTY | os.O_NONBLOCK)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/dev/ttyUSB0'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.11/site-packages/zigpy/application.py", line 197, in startup
await self.connect()
File "/usr/local/lib/python3.11/site-packages/bellows/zigbee/application.py", line 138, in connect
await ezsp.connect(use_thread=self.config[CONF_USE_THREAD])
File "/usr/local/lib/python3.11/site-packages/bellows/ezsp/__init__.py", line 179, in connect
self._gw = await bellows.uart.connect(self._config, self, use_thread=use_thread)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/bellows/uart.py", line 406, in connect
protocol, connection_done = await thread.run_coroutine_threadsafe(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/bellows/uart.py", line 385, in _connect
transport, protocol = await zigpy.serial.create_serial_connection(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/zigpy/serial.py", line 42, in create_serial_connection transport, protocol = await pyserial_asyncio.create_serial_connection(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/serial_asyncio/__init__.py", line 448, in create_serial_connection
serial_instance = serial.serial_for_url(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/serial/__init__.py", line 90, in serial_for_url
instance.open()
File "/usr/local/lib/python3.11/site-packages/serial/serialposix.py", line 325, in open
raise SerialException(msg.errno, "could not open port {}: {}".format(self._port, msg))
serial.serialutil.SerialException: [Errno 13] could not open port /dev/ttyUSB0: [Errno 13] Permission denied: '/dev/ttyUSB0'
2023-10-04 01:19:38.571 WARNING (MainThread) [homeassistant.components.zha.core.gateway] Couldn't start EZSP = Silicon Labs EmberZNet protocol: Elelabs, HUSBZB-1, Telegesis coordinator (attempt 1 of 3)
Traceback (most recent call last):
File "/usr/local/lib/python3.11/site-packages/serial/serialposix.py", line 322, in open
self.fd = os.open(self.portstr, os.O_RDWR | os.O_NOCTTY | os.O_NONBLOCK)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/dev/ttyUSB0'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/src/homeassistant/homeassistant/components/zha/core/gateway.py", line 209, in async_initialize
await self.application_controller.startup(auto_form=True)
File "/usr/local/lib/python3.11/site-packages/zigpy/application.py", line 197, in startup
await self.connect()
File "/usr/local/lib/python3.11/site-packages/bellows/zigbee/application.py", line 138, in connect
await ezsp.connect(use_thread=self.config[CONF_USE_THREAD])
File "/usr/local/lib/python3.11/site-packages/bellows/ezsp/__init__.py", line 179, in connect
self._gw = await bellows.uart.connect(self._config, self, use_thread=use_thread)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/bellows/uart.py", line 406, in connect
protocol, connection_done = await thread.run_coroutine_threadsafe(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/bellows/uart.py", line 385, in _connect
transport, protocol = await zigpy.serial.create_serial_connection(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/zigpy/serial.py", line 42, in create_serial_connection transport, protocol = await pyserial_asyncio.create_serial_connection(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/serial_asyncio/__init__.py", line 448, in create_serial_connection
serial_instance = serial.serial_for_url(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/serial/__init__.py", line 90, in serial_for_url
instance.open()
File "/usr/local/lib/python3.11/site-packages/serial/serialposix.py", line 325, in open
raise SerialException(msg.errno, "could not open port {}: {}".format(self._port, msg))
serial.serialutil.SerialException: [Errno 13] could not open port /dev/ttyUSB0: [Errno 13] Permission denied: '/dev/ttyUSB0'
I've toggled the --privileged parameter because that's worked for others, but i don't think it behaves the same in podman as it does in docker. I've also added the home-assistant user to the dialout group based on another post but still the zigbee integration fails to load.
Any hints on where to look next?
3
comments
I'm on x86, but the below relevant lines have mine working:
--privileged
--group-add keep-groups
--device /dev/ttyUSB0:/dev/ttyUSB0
I also had to add my user that runs the container to group "dialout" as that owns the ttyUSB0 device. Keep in mind to log out and back in with this user after adding the group to apply the change.
Hope that helps!
Thank you it's a bit more complex but this helped me solve it. I'll update the post a working script later.
quick summary in case i get busy:
- I had to install crun so i can use the 'podman --runtime crun' parameter instead of runc the podman default
- I did NOT need to pass the --privileged parameter
- our device mappings are equivalent, so i was good there.
- I added a check for the dialout group, but think it's working now with the users default groups. will make sure to check this with restarts before update.
summary: working now!
Glad you got it sorted, and thanks for sharing the solution. I might see if I can remove privileged from mine in that case.