Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

15.0rc1: RaspberryMatic add-on stops working due to Operation not permitted #3915

Closed
jens-maus opened this issue Mar 5, 2025 · 3 comments · Fixed by #3921
Closed

15.0rc1: RaspberryMatic add-on stops working due to Operation not permitted #3915

jens-maus opened this issue Mar 5, 2025 · 3 comments · Fixed by #3921
Labels
board/ova Open Virtual Appliance (Virtual Machine) bug

Comments

@jens-maus
Copy link
Contributor

Describe the issue you are experiencing

While testing the upcoming 15.0 version of HAos by installing the current 15.0rc1 in a Proxmox (OVA) environment I recognized that the RaspberryMatic add-on does not start up correctly anymore and returns errors upon startup:

Identifying Homematic RF-Hardware: ....HmRF: HMIP-RFUSB/eQ-3 HmIP-RFUSB@usb-0000:01:1b.0-1, HmIP: HMIP-RFUSB/eQ-3 HmIP-RFUSB@usb-0000:01:1b.0-1, OK
Updating Homematic RF-Hardware: HMIP-RFUSB: 4.4.18, not necessary, OK
Starting hs485dLoader: disabled
Starting xinetd: OK
Starting eq3configd: OK
Starting lighttpd: OK
Starting ser2net: disabled
Starting ssdpd: OK
Starting ha-proxy: OK
Starting NUT services: disabled
Initializing Third-Party Addons: OK
Starting LGWFirmwareUpdate: not required
Setting LAN Gateway keys: not required
Starting hs485d: disabled
Starting multimacd: ..............ERROR
Starting rfd: ....................ERROR
Starting HMIPServer: .......................................................................................................................................................ERROR

After some investigation/debugging, I found out that these errors seem to be related to permission issues within the add-on docker container of the RaspberryMatic add-on when trying to access its special /dev/eq3loop device which is generated by the addon itself when doing e.g. a modprobe eq3_char_loop. In fact when starting the internal multimacd service to generate /dev/mmd_bidcos and /dev/mmd_hmip, the /dev/eq3loop seem to end up in a situation where the docker container will lose permission to access the loop device. See here:

Image

When downgrading / reinstalling 14.2 the add-on works immediately correct again and when performing the same test sequence no Operation is not permitted error appears anymore:

Image

So to me it seems, that something in the host OS is blocking access to the /dev/eq3loop device as soon as the multimacd daemon creates its secondary /dev/mmd_bidcos and /dev/mmd_hmip devices.

Thus, it seems some changes in the upcoming 15.0 (docker bump to v28 ?) seem to have changed the permission scheme which now prevents the eq3loop device to work correctly anymore.

What operating system image do you use?

ova (for Virtual Machines)

What version of Home Assistant Operating System is installed?

15.0rc1

Did the problem occur after upgrading the Operating System?

Yes

Hardware details

VM installed in Proxmox 8.3.3

Steps to reproduce the issue

  1. Install fresh HassOS VM based on 15.0rc1
  2. Install RaspberryMatic Addon
  3. Start Add-on and monitor startup log

Anything in the Supervisor logs that might be useful for us?

n/a

Anything in the Host logs that might be useful for us?

n/a

System information

No response

Additional information

No response
@jens-maus jens-maus added the bug label Mar 5, 2025
@jens-maus jens-maus mentioned this issue Mar 6, 2025
Closed
@Baxxy13
Copy link

Baxxy13 commented Mar 6, 2025

This should be checked and fixed before HA-OS 15 is released.
Otherwise, many users of the RaspberryMatic add-on will be left with a non-functioning RaspberryMatic.

@sairon sairon added the board/ova Open Virtual Appliance (Virtual Machine) label Mar 6, 2025
@sairon
Copy link
Member

sairon commented Mar 6, 2025

Unfortunately, I don't have the hardware available, but I will get in touch with Jens to track it down. It's definitely something that needs to be resolved for the release.

(tagging as board/ova, but other boards are very likely affected too)

@jens-maus
Copy link
Contributor Author

Unfortunately, I don't have the hardware available, but I will get in touch with Jens to track it down. It's definitely something that needs to be resolved for the release.

Thanks! Just check your Discord messages ;-)

(tagging as board/ova, but other boards are very likely affected too)

This is indeed board unrelated because the issue recently referenced up there related to HomeAssistant Yellow, thus rpiX platform.

sairon added a commit to home-assistant/buildroot that referenced this issue Mar 11, 2025
@sairon
package/runc: add missing patch to fix device permissions update
44629c0 
The rebased patch series in original PR [1] that was used here after update to
v1.2.5 were missing the last patch from the old patch series that changes the
behavior to add/remove permissions incrementally instead of replacing them.
This caused regression described in [2]. With the missing patch added, the
permissions are added correctly for all new devices.

[1] opencontainers/runc#3402
[2] home-assistant/operating-system#3915

Signed-off-by: Jan Čermák <[email protected]>
sairon added a commit that referenced this issue Mar 11, 2025
@sairon
Fix runtime device permissions update in runc v1.2.x
56f03b2 
Add missing patch and update for latest runc version to fix losing device
permissions when new devices are added in runtime.

* buildroot b079a02a9a...cb7c9d6fcc (2):
  > package/runc: add patch for extended default allowed devices in v1.2.4
  > package/runc: add missing patch to fix device permissions update

Fixes #3915
@sairon sairon mentioned this issue Mar 11, 2025
Merged
frenck pushed a commit to home-assistant/buildroot that referenced this issue Mar 11, 2025
@sairon @frenck
package/runc: add missing patch to fix device permissions update
a8f0193 
The rebased patch series in original PR [1] that was used here after update to
v1.2.5 were missing the last patch from the old patch series that changes the
behavior to add/remove permissions incrementally instead of replacing them.
This caused regression described in [2]. With the missing patch added, the
permissions are added correctly for all new devices.

[1] opencontainers/runc#3402
[2] home-assistant/operating-system#3915

Signed-off-by: Jan Čermák <[email protected]>
sairon added a commit that referenced this issue Mar 11, 2025
@sairon
Fix runtime device permissions update in runc v1.2.x
8aae5c0 
Add missing patch and update for latest runc version to fix losing device
permissions when new devices are added in runtime.

* buildroot b079a02a9a...3914f8cad5 (2):
  > package/runc: add patch for extended default allowed devices in v1.2.4
  > package/runc: add missing patch to fix device permissions update

Fixes #3915
sairon added a commit that referenced this issue Mar 11, 2025
@sairon
Fix runtime device permissions update in runc v1.2.x (#3921)
04debe2 
Add missing patch and update for latest runc version to fix losing device
permissions when new devices are added in runtime.

* buildroot b079a02a9a...3914f8cad5 (2):
  > package/runc: add patch for extended default allowed devices in v1.2.4
  > package/runc: add missing patch to fix device permissions update

Fixes #3915
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
board/ova Open Virtual Appliance (Virtual Machine) bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix runtime device permissions update in runc v1.2.x home-assistant/operating-system
3 participants
@sairon @jens-maus @Baxxy13