Jellyfin Forum
Rootless podman hardware acceleration - Printable Version

+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: Troubleshooting (https://forum.jellyfin.org/f-troubleshooting)
+--- Thread: Rootless podman hardware acceleration (/t-rootless-podman-hardware-acceleration)



Rootless podman hardware acceleration - lupine - 2024-12-15

I need help with rootelss podman hardware acceleration on openSUSE tumbleweed with SELinux on.

This is my podman run command:

Code:
podman run \
    --detach \
    --label "io.containers.autoupdate=registry" \
    --name jellyfin \
    --device /dev/dri/:/dev/dri/:rwm \
    --rm \
    --replace \
    --user $(id -u):$(id -g) \
    --userns keep-id \
    --group-add keep-groups \
    --volume /var/storage/mediumstorage/jellyfin/jellyfin-cache:/cache:Z \
    --volume /var/storage/jellyfin/jellyfin-config:/config:Z \
    --volume /var/storage/slowstorage/jellyfin/jellyfin-media:/media:ro,z \
    -p 8096:8096/tcp \
    docker.io/jellyfin/jellyfin:latest

And I did this:

Code:
sudo setsebool -P container_use_devices=true

And added myself to the 'render' group.

The device renderD128 is seen in the container, but lacking the permission to use it:

Code:
crw-rw---- 1 nobody nogroup 226, 128 Dec 14 10:22 renderD128

When I enable hardware acceleration and try to play a hevc file, or try to change the resolution of a h264 or AV1 file, I get an error:

"Playback Error
Playback failed due to a fatal player error."

Does somebody know how I can pass the device with proper permissions.


RE: Rootless podman hardware acceleration - lupine - 2024-12-15

podman run \
--detach \
--label "io.containers.autoupdate=registry" \
--name jellyfin \
--device /dev/dri/Confused-facedev/dri/ \
--rm \
--replace \
--user $(id -u):$(id -g) \
--userns keep-id \
--group-add keep-groups \
--volume /var/storage/mediumstorage/jellyfin/jellyfin-cacheConfused-facecache:Z \
--volume /var/storage/jellyfin/jellyfin-configConfused-faceconfig:Z \
--volume /var/storage/slowstorage/jellyfin/jellyfin-mediaConfused-facemedia:ro,z \
-p 8096:8096/tcp \
docker.io/jellyfin/jellyfin:latest

This in the end worked.

My selinux was misconfigured.