TibixDev
[Bug] USB permission error after starting installation on Fedora Silverblue
What version of WinBoat are you running?
0.8.5
Your Environment
Fedora Silverblue 43 beta, GNOME 49, FreeRDP (version not sure), all checks after starting up WinBoat for the first time are checked.
Steps to Reproduce / Context
Start WinBoat in order to install Win11 Pro (either with or without .iso downloaded ahead) Check that all requirements are met, everything green Configure processor cores, RAM, file storage Start installation
Logs
Expected Behavior
Installation should run through.
Current Behavior
Installation stops
Possible Solution
No response
Quality Notice
- [x] I have checked the issue tracker and verified that this bug is a unique case.
Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error creating device nodes: open /var/home/thp/.local/share/docker/fuse-overlayfs/f134f294318cf1cc69131a26dbc07c681a6ef9b7ca9ffde6b5eb257b3b66643c/merged/dev/bus/usb/001/001: permission denied: unknown
You are not running real Docker I believe. This is either a Podman socket in disguise like what vanilla Bazzite does, or something else like Docker Desktop.
You need Docker Engine, not any other alternative.
Docker is elevated by default and our compose has priviliged: true so it should have no issues accessing your USB devices.
I’m experiencing the same issue on Arch, using normal Docker Engine. My user is added to the docker group.
I’m experiencing the same issue on Arch, using normal Docker Engine. My user is added to the docker group.
Same for me
I'm having the same issue and I think it's because I'm running Docker rootless (which makes sense).
Can anyone still having this issue confirm that they're not running rootless? Else I'll be closing this as a can't fix soon.
I'm running it with root
~ » ls -l /var/run/docker.sock
srw-rw---- 1 root docker 0 oct. 15 13:37 /var/run/docker.sock
Would it be a viable option to catch such failures that are caused by insufficient privileges (e.g. rootless mode, more restrictive environments like podman, etc.) and offer single-device pass-through via the GUI instead?
This might be a little more tedious, but for many people, USB pass-through is merely a tertiary use case and this issue preventing the installation entirely - with it being left in a state where the user has to clean up the installation, since it does not clean up after itself - is not really a good experience. It would at least make WinBoat usable for those users at all.
This would also allow people to run it in e.g. work environments, where rootless docker is often used, even on user machines, as a security measure (and because it is more representative of most server environments).
My solution:
- Navigate to
~/.winboat - check Docker contexts with command:
docker context lsThere should be list of contexts, for example
NAME DESCRIPTION DOCKER ENDPOINT ERROR
default Current DOCKER_HOST based configuration unix:///var/run/docker.sock
rootless * Rootless mode unix:///run/user/1000/docker.sock
The * indicated the current context
- Switch to default context by:
docker context use default - restart the docker compose
docker compose down && docker compose up -d
If you are using rootless mode and want to avoid typing sudo password in other docker usage, you may check: https://docs.docker.com/engine/install/linux-postinstall
With this change, we can indeed start the container, even though it's not the greatest thing to do. (And afterwards I got some other issues which makes it unusable on my multi-monitor setup, but not linked to this one)