如何在 docker 中获得网络摄像头访问权限?
How do I get webcam acess permissions in docker?
我正在尝试从 docker 图片访问网络摄像头。我的权限:
dockerx@85ca088a4e0c:~$ ls -la /dev/vid*
crwxrwxrwx+ 1 root 986 81, 0 May 29 08:52 /dev/video0
crwxrwxrwx+ 1 root 986 81, 1 May 29 08:52 /dev/video1
dockerx@85ca088a4e0c:~$ groups dockerx
dockerx : dockerx root video x2gouser
因此,理论上,我有权访问 /dev/video*,但尝试访问它(例如通过 vlc)会导致错误:
dockerx@85ca088a4e0c:~$ vlc
VLC media player 3.0.8 Vetinari (revision 3.0.8-0-gf350b6b5a7)
[00005629e3774420] main libvlc: Running vlc with the default interface. Use 'cvlc' to use vlc without interface.
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-dockerx'
[00005629e3778390] main playlist: playlist is empty
[00007f5ca80010e0] v4l2 demux error: cannot open device '/dev/video0': Operation not permitted
[00007f5ca80010e0] v4l2 demux error: cannot open device '/dev/video0': Operation not permitted
[00007f5ca8003350] v4l2 stream error: cannot open device '/dev/video0': Operation not permitted
[00007f5ca000c800] v4l2 demux error: cannot open device '/dev/video1': Operation not permitted
[00007f5ca000c800] v4l2 demux error: cannot open device '/dev/video1': Operation not permitted
[00007f5ca000d130] v4l2 stream error: cannot open device '/dev/video1': Operation not permitted
QObject::~QObject: Timers cannot be stopped from another thread
为什么会这样?
更新:
My Dockerfile,
entrypoint.sh
UPD2。如果您投反对票,请花一分钟时间说明原因。谢谢。
添加特权选项docker run --privileged
。如果还是不行你也可以考虑挂载/dev/video
来自docs
by default a container is not allowed to access any devices, but a
“privileged” container is given access to all devices (see the
documentation on cgroups devices)
这个答案也很相似Docker: How to avoid Operation not permitted in Docker Container?
在容器中,我是一个名为“developer”的非root用户。
我必须将这一行添加到我的 dockerfile 中:
RUN sudo usermod -a -G video developer
我正在尝试从 docker 图片访问网络摄像头。我的权限:
dockerx@85ca088a4e0c:~$ ls -la /dev/vid*
crwxrwxrwx+ 1 root 986 81, 0 May 29 08:52 /dev/video0
crwxrwxrwx+ 1 root 986 81, 1 May 29 08:52 /dev/video1
dockerx@85ca088a4e0c:~$ groups dockerx
dockerx : dockerx root video x2gouser
因此,理论上,我有权访问 /dev/video*,但尝试访问它(例如通过 vlc)会导致错误:
dockerx@85ca088a4e0c:~$ vlc
VLC media player 3.0.8 Vetinari (revision 3.0.8-0-gf350b6b5a7)
[00005629e3774420] main libvlc: Running vlc with the default interface. Use 'cvlc' to use vlc without interface.
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-dockerx'
[00005629e3778390] main playlist: playlist is empty
[00007f5ca80010e0] v4l2 demux error: cannot open device '/dev/video0': Operation not permitted
[00007f5ca80010e0] v4l2 demux error: cannot open device '/dev/video0': Operation not permitted
[00007f5ca8003350] v4l2 stream error: cannot open device '/dev/video0': Operation not permitted
[00007f5ca000c800] v4l2 demux error: cannot open device '/dev/video1': Operation not permitted
[00007f5ca000c800] v4l2 demux error: cannot open device '/dev/video1': Operation not permitted
[00007f5ca000d130] v4l2 stream error: cannot open device '/dev/video1': Operation not permitted
QObject::~QObject: Timers cannot be stopped from another thread
为什么会这样?
更新: My Dockerfile, entrypoint.sh
UPD2。如果您投反对票,请花一分钟时间说明原因。谢谢。
添加特权选项docker run --privileged
。如果还是不行你也可以考虑挂载/dev/video
来自docs
by default a container is not allowed to access any devices, but a “privileged” container is given access to all devices (see the documentation on cgroups devices)
这个答案也很相似Docker: How to avoid Operation not permitted in Docker Container?
在容器中,我是一个名为“developer”的非root用户。 我必须将这一行添加到我的 dockerfile 中:
RUN sudo usermod -a -G video developer