[Solved] Shared USB device, permission denied

I have a USB webcam (/dev/webcam0) on the host which i would like to share with the container.

I have defined the device as

devices:
  webcam0:
    mode: "0777"
    path: /dev/webcam0
    type: unix-char

On the host i can query the webcam,

$ v4l2-ctl -l -d /dev/webcam0 
                     brightness (int)    : min=30 max=255 step=1 default=133 value=133
                       contrast (int)    : min=0 max=10 step=1 default=5 value=5
                     saturation (int)    : min=0 max=200 step=1 default=83 value=83
 white_balance_temperature_auto (bool)   : default=1 value=1
           power_line_frequency (menu)   : min=0 max=2 default=2 value=2
      white_balance_temperature (int)    : min=2800 max=10000 step=1 default=4500 value=4500 flags=inactive
                      sharpness (int)    : min=0 max=50 step=1 default=25 value=25
         backlight_compensation (int)    : min=0 max=10 step=1 default=0 value=0
                  exposure_auto (menu)   : min=0 max=3 default=1 value=3
              exposure_absolute (int)    : min=5 max=20000 step=1 default=156 value=156 flags=inactive
                   pan_absolute (int)    : min=-201600 max=201600 step=3600 default=0 value=0
                  tilt_absolute (int)    : min=-201600 max=201600 step=3600 default=0 value=0
                 focus_absolute (int)    : min=0 max=40 step=1 default=0 value=20 flags=inactive
                     focus_auto (bool)   : default=0 value=1

However the container gives,

# v4l2-ctl -l -d /dev/webcam0 
Failed to open /dev/webcam0: Permission denied

The permissions seem to be quite open in the container,

# ls -la /dev/webcam0 
crwxrwxrwx 1 root root 81, 0 Apr  1 05:10 /dev/webcam0

On the host the device is like so,

$ ls -la /dev/webcam0 
lrwxrwxrwx 1 root root 6 Apr  1 05:10 /dev/webcam0 -> video0

Any idea why the lxd container is giving that error?

Does it work any better if you pass video0? I wonder if the webcam0 symlink is confusing something somehow.

I tried that but video0 also gives permission denied

In the container,

# ls -la /dev/video0 
crwxrwxrwx 1 root root 81, 0 Apr  1 05:29 /dev/video0

# v4l2-ctl -l -d /dev/video0
Failed to open /dev/video0: Permission denied

Could this be related to subuid, subgid?

@stgraber, Would any log help to debug this?

Setting the devices property to on on the ZFS pool made it to work.

# zfs get devices rpool
NAME   PROPERTY  VALUE    SOURCE
rpool  devices   on       local

Now in the container,

# v4l2-ctl -l -d /dev/webcam0 
                     brightness (int)    : min=30 max=255 step=1 default=133 value=133
                       contrast (int)    : min=0 max=10 step=1 default=5 value=5
                     saturation (int)    : min=0 max=200 step=1 default=83 value=83
 white_balance_temperature_auto (bool)   : default=1 value=1
           power_line_frequency (menu)   : min=0 max=2 default=2 value=2
      white_balance_temperature (int)    : min=2800 max=10000 step=1 default=4500 value=4500 flags=inactive
                      sharpness (int)    : min=0 max=50 step=1 default=25 value=25
         backlight_compensation (int)    : min=0 max=10 step=1 default=0 value=0
                  exposure_auto (menu)   : min=0 max=3 default=1 value=3
              exposure_absolute (int)    : min=5 max=20000 step=1 default=156 value=156 flags=inactive
                   pan_absolute (int)    : min=-201600 max=201600 step=3600 default=0 value=0
                  tilt_absolute (int)    : min=-201600 max=201600 step=3600 default=0 value=0
                 focus_absolute (int)    : min=0 max=40 step=1 default=0 value=13 flags=inactive
                     focus_auto (bool)   : default=0 value=1
                  zoom_absolute (int)    : min=0 max=10 step=1 default=0 value=0

Ah yeah, having the filesystem with devices disabled would explain it