I have Freeswitch (VoIP/PBX) in an unprivileged container. It tries by itself to raise it’s process priority but fails. I already assigned some caps via guest shell to the binary like SYS_CAP_NICE but wasn’t successful so far.
Do i need to explicitly grant it in lxd config first?
Is it even possible to raise process and i/o priority from inside the container or do i have to do it manually from outside/host?
That’s most likely because you’re running the container unprivileged. An unprivileged container cannot raise its process priority higher than what a normal user can.
If this is a blocker in this case, then you may need to make the container privileged (security.privileged=true) which will then let you run code as real root in the container, allowing you to increase the process priority.