Hi

Does anyone know how to get sound working within an LXC container?

I am new to LXC and don't know much about sound config.
I've spent days searching for documentation on the subject and come up with zero!

I've tried applying techniques related to hardware access and visibility, like granting access and bind mounting /dev/snd etc etc.

Both container and host are ubuntu 12.04.
Within the container pulse-volume-control shows virtual devices registering audio input and output but there are no physical devices registered. Hence no sound?

Any pointers or suggestions would be greatly appreciated.

Charlie101

Sounds seems to be one of those black arts, with lots of strange programming going on. We have these sound mixing apps, but they don't seem to be all that well designed. To a limited extent they have been able to mix sounds from more than one source. But the UI is awkward for setting the mix levels (suggestion to those developers: try working a real studio mixer some day). And the big issue I see in all of them is the inability to send the same sound to more than one sound device. I plug in 2 headphones and only 1 can ever get the sound at a time.

What we need is a smart sound server. It gets connections from local sound sources via unix named sockets so authentication is simply by userid. It gets connections from network with various authentication methods available. These are the main sound sources. It can output to any or all sound devices, including the connecting to an instance of itself on the same machine, virtual host, or elsewhere on the network (and more than one at a time, too).

Is that what we have now? If yes, then they need to debug and fix it. If not, then make it so we can produce sound from inside VMs. So far, sound continues to be a mess that can't be managed well and works only in limited ways.

It doesn't work for me either (LXC on Debian Jessie 32-bit).

I've added this to the LXC config file:
'aplay -l':
'lsmod | grep snd' displays the same output as the host.

'/dev/snd' contains the same things as the host.

'amixer -c 0' doesn't work -- prints the usage instructions.

Running 'alsamixer' outputs:
I tried all the commands as root.

Sound works on the host out of the box, but I can't get it to work in the container.

You also have to make Pulseaudio from the host available in the guest with bind-mounting ~/.pulse into the container.

1 members found this post helpful.

Do you mean '~/.config/pulse' (contains 'cookie' and some files whose names begin with a hash)? I don't have a '~/.pulse' directory in the host.

I inserted this into the config file:
'paplay -v <FILE>' says:

However, it plays the file successfully (but without sound).

I tried to bind-mount:

• Both '~/.config/pulse' and '~/.pulse'
• Only '~/.pulse'
• Only '~/.config/pulse'

But the same thing happens.

'alsamixer' works now, and the sound is not muted.

I can get rid of the "failed to create secure directory" error by bind-mounting '~/.config/pulse' (on the host) as '~/.pulse' (in LXC), but that makes no sense since both the host and LXC run Debian Jessie (so they should both use the same secure pulse directory, right?). And the sound still doesn't work when I do that.

By the way, pulseaudio would not start in the LXC container at all until I commented out this from '/etc/pulse/defaults.pa':

Might be possible that different distros place this in a different location.Make sure that the user in the container has permissions to access the bind-mounted directories, for example with giving them the same UID.

1 members found this post helpful.

Both the host-user and LXC-user have UID 1000.

In the host:
That removes the error message but there is still no sound.

I should have kept my config file to look up how I did it, but I haven't, so I will just post this link with an extensive description how to do it: https://www.flockport.com/run-gui-ap...xc-containers/
Hope that helps.

1 members found this post helpful.

Thank you.

Just knowing that it is possible helps. I tried some of the steps in that link but I must have done it wrong (the .pulse_socket disappeared after 10-30 seconds). I'll go through it again from the beginning and do it properly.

Much appreciated.

I was initially a bit confused by the steps taken in that tutorial, I couldn't find the one I used when I tried this which went down to just bind-mounting as I have stated above. This seems to be more complex, but I haven't tried that approach yet.

1 members found this post helpful.

I can't get bind-mounting to work.

But there is another solution:

1. On the host, pulseaudio needs to load the modules esound-protocol-tcp and (or?) native-protocol-tcp and specify the IP address or auth-anonymous=1. I added this to default.pa.

2. On the client, set PULSE_SERVER=xxx.xxx.xxx.xxx:4713, where xxx.xxx.xxx.xxx is the IP address of the host. You can add this to the configuration file too, by the way. I think the directive is 'default-server = ...'.

3. On the host, make sure hosts.allow contains 'ALL: yyy.yyy.yyy.yyy', where yyy.yyy.yyy.yyy is the IP address of the LXC container. (Otherwise it will say "connection refused by tcpwrap".)

4. The firewall on the host needs to allow the incoming connection. Shorewall does not do this by default if you used the templates, so you have to add an exception in the rules file: 'ACCEPT net:<ip of client> $FW'; or however your firewall is configured.

Then the client (LXC) will send audio via the network to the host's pulseaudio server.

However, because the pulseaudio server keeps crashing all the time (and the host will not restart it when the client sends a request), I wrote a script that restarts it whenever it dies:
Yeah, I know... but it works.

(I added a counter to that script, by the way, and it crashes / terminates about 30 times per hour for some reason that I haven't figured out yet. It just says 'terminated' when I run pulseaudio with '-vv'.)

[edit]

Oh, I nearly forgot: when you start the pulseaudio server on the host, a cookie file is created somewhere (~/.config/pulse/cookie, ~/.pulse/cookie or ~/.pulse_cookie). You must copy this cookie file to the user's home directory in the LXC container so that the client and the host have the same cookie. The client's home directory is /var/lib/lxc/<container>/rootfs/home/<user>/ -- copy as root and chown it.

Also, I added the users to the following groups, but some of them may not be needed: audio, pulse, pulse-access.

What finally worked for me was the following config:

lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir
lxc.mount.entry = /tmp/.X11-unix tmp/.X11-unix none bind,optional,create=dir
lxc.mount.entry = /dev/video0 dev/video0 none bind,optional,create=file
lxc.mount.entry = /tmp/.lxc tmp/.lxc none bind,optional,create=dir
lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir
lxc.cgroup.devices.allow = c 116:* rwm
lxc.hook.pre-start = /var/lib/lxc/guest/setup-pulse.sh

Where setup-pulse.sh is as follows:

#!/bin/sh
PULSE_PATH=/tmp/.lxc/.pulse_socket

if [ ! -e "$PULSE_PATH" ] || [ -z "$(lsof -n $PULSE_PATH 2>&1)" ]; then
sudo -u 'YOUR NORMAL USER' -i pactl load-module module-native-protocol-unix auth-anonymous=1 socket=$PULSE_PATH
fi

and finally a pulseaudio -k on the host machine

Thanks