Ubuntu 18.04 Docker USB Passthrough to Docker Containers has Ownership root:root instead of root:dialout

Tags: #<Tag:0x00007f386bd23a48> #<Tag:0x00007f386bd238b8>

I just upgraded my server to Ubuntu 18.04 yesterday and now all my Zwave and Zigbee devices are showing as offline. After some investigation I discovered that the /dev/ttyUSB* files have root:root instead of the expected root:dialout. This prevents the openhab user from being able to access the devices so the controller and coordinator are shown as offline.

Further research shows this is a known problem and it has a fix but the fix is only available in the latest Docker release.

If you upgrade your host OS to Ubuntu 18.04, make sure to upgrade your Docker as well.

NOTE: if you installed docker-ce using apt, you need to make sure to use the artful for the release instead of bionic as Docker doesn’t yet officially support Ubuntu 18.04.

Good luck!

Hi Rich,
Is this still an issue with Ubuntu 18 for openhab as docker? I am mulling over whether I should upgrade from ubuntu 16.

I imagine it might still be a problem, but like I said in the OP, the fix is to run the latest (as of last May) version of Docker. You should be running the latest version of Docker anyway, even if this were not a problem.

I’m running Ubuntu 18.04 as a vm. I installed docker using the docker ce install guide, so it should be using the latest version of docker with their ppa. I can provide docker versions once I’m home.

I’m trying to passthrough a Serial port or a USB to Serial to my container.

I was able to use both types of ports on my Ubuntu 18.04 vm and successfully connect to COM ports on my Cisco devices using minicom. In my docker container I installed usbutils so I could run lsusb. I see the USB serial adaptor in the container, but I’m not sure what COM port it’s using.

I’m needing to use this for the cm11a x10 module.

@rlkoshak what parameters did you use to great your docker container?

I can post mine when I get home.

There is no such thing as a “COM port” in Linux. There is a file under /dev that represents the device. As with any file needed by openhab, the openhab user needs to have permission to read and write to that file.Because you are running in Docker, the user may not exist on your host or if it does, it is not a member of the dialout group on the host.

Make sure you have an openhab user on the host, add that user to the dialout group, and make sure the openhab user inside the container is mapped to the one on your host by setting the USER_ID and GROUP_ID environment variables in your docker run command.

Here is the command I used to run the openHab container

docker run \
        --name openhab2 \
        --net=host \
        -v /etc/localtime:/etc/localtime:ro \
        -v /etc/timezone:/etc/timezone:ro \
        -v /opt/openhab/conf:/openhab/conf \
        -v /opt/openhab/userdata:/openhab/userdata \
        -v /opt/openhab/addons:/openhab/addons\
	--device=/dev/ttyUSB0 \
        -d \
        -e USER_ID=999 \
        -e GROUP_ID=998 \
        --restart=always \
        openhab/openhab:latest-debian

I followed the docker guide on the docker hub page, so I think it’s done correctly.

The reason I’m talking about com ports is that the binding I’m using for the cm11a asks for the com port and in the example code they use com3.

If I see my USB device using the lsusb, how do I use it for the cm11a? There isn’t any ttyUSB0 in the /dev directory.

I used scp to copy the ttyUSB0 file from the docker host to the container. I couldn’t do a chgrp to the dialout group cause the group isn’t in the container.

Well, like I said, COM ports and COM3 is meaningless on Linux. /dev/ttyUSB0 is what you would use.

In the container or on the host?

That doesn’t do anything for you. The device is represented as a file, but you can’t just copy that file around.

You need:

  • to have a user with UID 999 and GID 998 on your host
  • that user must be a member of the dialout group
  • try using --device=/dev/ttyUSB0:/dev/ttyUSB0:rwm which will map the device to the same location inside the container as outside the container and give the container read/write/mknod permission on the device.