I have lingering set up and I can still access the container, but for whatever reason Podman seems to be unable to access the GPU for no apparent reason.
I think this may be an issue with systemd but I’m not entirely sure.
Solution: you need to be logged in for it to work. I accomplished this on a separate VM with autologin to icewm.
For me it is owned by the video user and the render group.
I don’t mind running iceWM in a VM as it has a fairly small overhead. It’s not like I’m actually using the desktop, so it takes pennies’ worth of RAM and no CPU.
Interesting. For me, it’s only the /dev/dri/render* device that is owned by the render group, but this device is world-RW anyway. Still, I guess you can add the user to the render group too? I did find some info that Debian uses that group this way, though I have never used Debian myself, so can’t verify that.
I already did that so that podman could access the device. (Podman runs as a local user). What was strange was that podman couldn’t access it without a graphical session running but my local user could.
No idea then :( AFAIK the logind mechanism I mentioned originally is based only on permissions, but I had never really needed to look into it further.