Docker installation - non-root, cant reach z-wave USB

Can I get some advice regarding running HomeAssistant in docker, with a non root-user (–user - parameter). I have created a user: homeassistant and a group: homeassistant.

I tried ‘docker run --user’, instead of ‘docker run ***** commands **** --user’, then it started. I do however have issues reaching my Z-Wave-USB at /dev/ttyACM0. I have added the homeassistant user to the dialout group, but cannot reach the USB device from HA. If I run HA as root-user (without --user), it works as expected.

1 Like

You need to give access to devices for your user - chown devices to group=homeassistant and chmod g+rw then. But the best would be to write udev rule to make this when device is inserted into USB port.

Thanks for the advice!
I checked the: /dev/ttyACM0, it have owner: root (rw), Group: dialout (rw).
I have added the user homeassistant to the group dialout. Shuldn’t that be ok?
I also have the /dev/serial/by-id/the_id as a symlink, byt there owner and group are set to root (rwx).

Is the best way to create something like this: a symlink /dev/zwave -> /dev/serial/by-id/the_id ? How to set the permissions correct? Shall I keep the dialoutgroup at all here?..

Thanks for your help!

Disclaimer: I run HA in a docker on a Synology NAS. If I don’t run my docker container with -privileged in the command (forcing the container to run as root and have access to everything root has access to…), I have to chmod 777 /dev/ttyACM0 for my HA container to access the USB ZWave stick.

Thanks! I see.

Regarding:

Is the best way to create something like this: a symlink /dev/zwave -> /dev/serial/by-id/the_id ? How to set the permissions correct? Shall I keep the dialoutgroup at all here?..

Any ideas?

Linux users and groups don’t use names on the backend. They are using UID/GID which are numbers. The names you see are merely pointers to the numbers.

So if your username is homeassistant, and you try to pass through the user homeassistant into the docker container, inside the docker container, it may not be mapping that username to the same UID.

Rather than usernames, try using the associated UID/GID for that user, and pass them through to the docker container. You may find that your homeassistant user is UID 1001, and the docker image that is running is expecting it to be UID 1000 (or something similar). Also note, root is always UID/GID 0. The distro used determines the UID/GID of your first “user”. You can get this info from cat /etc/passwd.

For instance, this is my UID/GID on one of my Docker Hosts:
flamingm0e:x:1000:1004:flamingm0e:/home/flamingm0e:/usr/bin/zsh

and on another machine on my network:
flamingm0e:x:1000:1000:m@,,,:/home/flamingm0e:/usr/bin/zsh

Notice my GID is different? If I had more than one “user account”, my UID might be different too, depending on what order my users were added. Generally the first one added is 1000, and increments one for every user.

Hi zamb,
Did you solve this? I have a similar issue.
I have a Conbee2 stick and that is found as /dev/ttyACM0 and works fine.
Now i bought a Z-Wave stick as well and when that is plugged in I am missing the Conbee2 at ttyACM0.
I have read that the USB order is very important and you should map to device and not port but I do not know how to do this?
Any help to give me?

//AseKarlsson

Sorry, maybe it was the mix of UID and GID - name-mapping that was different in the host and in the container.