@crundberg
Last active April 27, 2024 16:51
Setup deCONZ on unprivileged Proxmox container

Preparation on host

First find your Conbee with lsusb and note the ID. The vendor is 1cf1 and the product is 0030.

Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 005: ID 1cf1:0030 Dresden Elektronik ZigBee gateway [ConBee II]
Bus 001 Device 003: ID 8087:0aaa Intel Corp. Bluetooth 9460/9560 Jefferson Peak (JfP)
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

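Run ls -la /dev/ttyACM0 and note the device major number (the first of the two comma-separated numbers; it goes into the cgroup rule later), in my case it was 166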

crw-rw-r-- 1 root root 166, 0 Jan  3 21:45 /dev/ttyACM0

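To handle the permissions for the device, I created a new directory and created a device file in it with the correct permissions. Change 166 in mknod to the number you noted in the previous step (the device major number). The chown target 100000:100020 is container root (UID 0) and container GID 20 (dialout on Ubuntu) as seen from the host, given Proxmox's default unprivileged ID offset of 100000.

mkdir -p /lxc/120/devices
cd /lxc/120/devices/
mknod -m 660 ttyACM0 c 166 0
chown 100000:100020 ttyACM0
ls -al /lxc/120/devices/ttyACM0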

Run nano /etc/pve/lxc/120.conf and add the last two rows for cgroup and mount. Change 166 in the cgroup row to the number you noted before (the device major number).

arch: amd64
cores: 1
features: nesting=1
hostname: zigbee.test.com
memory: 512
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.10.1,hwaddr=52:CE:FD:D2:03:0F,ip=192.168.10.120/24,type=veth
ostype: ubuntu
rootfs: local:120/vm-120-disk-0.raw,size=8G
swap: 512
unprivileged: 1
lxc.cgroup2.devices.allow: c 166:* rwm
lxc.mount.entry: /lxc/120/devices/ttyACM0 dev/ttyACM0 none bind,optional,create=file

nano /etc/udev/rules.d/50-myusb.rules

SUBSYSTEM=="tty", ATTRS{idVendor}=="1cf1", ATTRS{idProduct}=="0030", MODE="0666", SYMLINK+="conbee"

udevadm control --reload-rules && service udev restart && udevadm trigger
ls -l /dev/ttyACM*
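
A check for the host-side settings above, added here as an example and not part of the original gist: it reads the container config and the udev rule and reports where the grant is broader than the single bind-mounted node 166:0. The function names and the narrowed `c 166:0 rw` rule are assumptions (the latter assumes read/write on one node is enough for a bind-mounted device); the sample files are constructed from the values on this page.

```shell
#!/bin/sh
# Added example, not from the gist. Function names are hypothetical.

# audit_lxc_conf CONF MAJOR MINOR: one finding per line, no output if clean.
audit_lxc_conf() {
    conf=$1 major=$2 minor=$3
    grep -Eq '^unprivileged:[[:space:]]*1[[:space:]]*$' "$conf" ||
        echo "container is not unprivileged"
    grep -E '^lxc\.cgroup2\.devices\.allow:' "$conf" |
    sed 's/^[^:]*:[[:space:]]*//' |
    while read -r type dev perms; do
        [ "$type" = c ] || continue
        [ "${dev%%:*}" = "$major" ] ||
            echo "rule '$dev' does not cover major $major"
        [ "${dev#*:}" = "$minor" ] ||
            echo "rule '$dev' is not limited to minor $minor"
        case $perms in *m*) echo "rule '$dev' also grants mknod (m)" ;; esac
    done
}

# audit_udev_rule FILE: flag MODE values that give "other" write access.
audit_udev_rule() {
    sed -n 's/.*MODE="\([0-7]*\)".*/\1/p' "$1" |
    while read -r mode; do
        case $mode in *[2367]) echo "MODE=$mode is world-writable" ;; esac
    done
}

# Constructed sample input, copied from the values shown on this page.
tmp=$(mktemp -d)
cat > "$tmp/120.conf" <<'EOF'
unprivileged: 1
lxc.cgroup2.devices.allow: c 166:* rwm
lxc.mount.entry: /lxc/120/devices/ttyACM0 dev/ttyACM0 none bind,optional,create=file
EOF
cat > "$tmp/50-myusb.rules" <<'EOF'
SUBSYSTEM=="tty", ATTRS{idVendor}=="1cf1", ATTRS{idProduct}=="0030", MODE="0666", SYMLINK+="conbee"
EOF
# Narrowed rule. Assumption: rw on the one node suffices for a bind mount.
cat > "$tmp/narrow.conf" <<'EOF'
unprivileged: 1
lxc.cgroup2.devices.allow: c 166:0 rw
EOF

audit_lxc_conf "$tmp/120.conf" 166 0      # two findings: minor wildcard, mknod
audit_udev_rule "$tmp/50-myusb.rules"     # one finding
audit_lxc_conf "$tmp/narrow.conf" 166 0   # no findings
```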

Install deCONZ in container

apt install gnupg2
wget -O - http://phoscon.de/apt/deconz.pub.key | apt-key add -
sh -c "echo 'deb [arch=amd64] http://phoscon.de/apt/deconz $(lsb_release -cs) main' > /etc/apt/sources.list.d/deconz.list"
apt update
apt install deconz

GCFFlasher_internal -l

GCFFlasher V3_17 (c) dresden elektronik ingenieurtechnik gmbh
Path             | Vendor | Product | Serial     | Type
-----------------+--------+---------+------------+-------
                 |        |         |            | 

mkdir -p /run/udev/data/
printf 'E:ID_VENDOR_ID=1cf1\nE:ID_MODEL_ID=0030\n' > /run/udev/data/c166\:0

GCFFlasher_internal -l

GCFFlasher V3_17 (c) dresden elektronik ingenieurtechnik gmbh
Path             | Vendor | Product | Serial     | Type
-----------------+--------+---------+------------+-------
/dev/ttyACM0     | 0x1CF1 | 0x0030  |            | ConBee II

/sbin/setcap cap_net_bind_service+ep /usr/bin/deCONZ

getcap /usr/bin/deCONZ

/usr/bin/deCONZ = cap_net_bind_service+ep

useradd deconz-user
mkdir /home/deconz-user
chown -R deconz-user:deconz-user /home/deconz-user
usermod -a -G dialout deconz-user

systemctl enable deconz

Created symlink /etc/systemd/system/multi-user.target.wants/deconz.service -> /lib/systemd/system/deconz.service.

nano /lib/systemd/system/deconz.service

[Unit]
Description=deCONZ: ZigBee gateway -- REST API
Wants=deconz-init.service deconz-update.service
StartLimitIntervalSec=60

[Service]
User=deconz-user
PermissionsStartOnly=true
ExecStartPre=/bin/mkdir -p /run/udev/data
ExecStartPre=/sbin/setcap cap_net_bind_service+ep /usr/bin/deCONZ
ExecStartPre=/bin/bash -c "/bin/echo -e 'E:ID_VENDOR_ID=1cf1\nE:ID_MODEL_ID=0030' > /run/udev/data/c166:0"
ExecStart=/usr/bin/deCONZ -platform minimal --http-port=80
Restart=on-failure
#AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_KILL CAP_SYS_BOOT CAP_SYS_TIME

[Install]
WantedBy=multi-user.target

shutdown -r now

References

https://doc.turris.cz/doc/en/public/deconz_lxc_howto
https://www.xmodulo.com/change-usb-device-permission-linux.html
https://monach.us/automation/connecting-zwave-stick-under-lxc/
https://blog.benoitblanchon.fr/lxc-unprivileged-container/
https://gist.github.com/Yub0/518097e1a9d179dba19a787b462f7dd2

@bastian-mer

This was great help setting up Conbee II. But even including what I've picked up on device permissions in LXC since, I have not had much success with a Conbee III. Has anyone successfully set up Conbee III in an unprivileged Proxmox container?

I encounter the same problem. I was able to set up a ConBee II using this guide but I failed when trying to adapt it to a ConBee III.

@bastian-mer

The Conbee III identifies as
0403:6015 Future Technology Devices International, Ltd Bridge(I2C/SPI/UART/FIFO)
and Debian creates a /dev/ttyUSB0.
I tried to adapt the guide to these parameters but fail when it comes to GCFFlasher_internal -l inside the LXC container.