LibreELEC provides a great Kodi build for select hardware architectures. It also provides 'Just enough OS for KODI'.
Raspberry Pi 4 with 8GB memory is a very capable machine, having it running only Kodi feels like a waste of resources. LibreELEC/Kodi provided containerization tools are useful but cumbersome. The process described here containerizes LibreELEC, allowing it to be deployed on any GNU/Linux host distro as yet another container.
Podman provides an easier way to run rootless containers, running Kodi as root isn't a good idea.
- set up a new user to run Podman/Kodi
- add the user to
video,render,input,audioandpipewire(if required) groups - follow the https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md to configure /etc/subuid and /etc/subgid
- make sure the user is allowed to map required groups
$ cat /etc/subgid
<kodi-user>:<'video' gid>:1
<kodi-user>:<'render' gid>:1
<kodi-user>:<'input' gid>:1
...Example:
$ cat /etc/subgid
kodi-user:666:1
kodi-user:69:1
kodi-user:420:1
kodi-user:165536:65536
...- set up Pipewire-pulse/PulseAudio for the user
- you might also need to make sure udev sets correct permissions on these devices:
$ cat /etc/udev/rules.d/01-video.rules
KERNEL=="vcsm-cma", GROUP="video", MODE="0660"
SUBSYSTEM=="dma_heap", GROUP="video", MODE="0660"First stage of the multi-stage build uses latest Ubuntu image to download LibreELEC disk image and extract root filesystem content using Fatcat (please don't fat shame cats 😽) and squashfs-tools. Second stage creates root fs from the extracted files, removes a few obviously redundant files, disables/removes LibreELEC settings Kodi addon and sets the timezone.
podman build -t localhost/libreelec:rpi4-12.0.0 --build-arg=dl_url=https://releases.libreelec.tv/LibreELEC-RPi4.aarch64-12.0.0.img.gz .- find out
video,renderandinputimage gids
$ podman run -t --rm --entrypoint=/bin/ash localhost/libreelec:rpi4-12.0.0 -c "egrep '(video|render|input)' /etc/group"
video:x:39:pipewire
input:x:104:
render:x:105:- start Kodi:
podman run --rm --replace --init --privileged \ # as privileged as the user running podman
--name kodi \
--hostname kodi \
--group-add keep-groups \ # keep the groups host user is in
--gidmap="+g39:@666:1" \ # map this container gid to that host gid
--gidmap="+g105:@69:1" \
--gidmap="+g104:@420:1" \
-v $(realpath /etc/localtime):/etc/localtime:ro \
-v /dev/input:/dev/input:ro \
-v /run/udev:/run/udev:ro \
-v <path-to-kodi-storage-dir>:/storage \ # mount LibreELEC /storage on a local dir
-v $XDG_RUNTIME_DIR/pulse/native:/tmp/pulse-socket \ # mount host PulseAudio socket
-e KODI_HOME=/usr/share/kodi \ # Kodi setup
-e KODI_TEMP=/storage/.kodi/temp \
-e HOME=/storage \
-e PULSE_SERVER=unix:/tmp/pulse-socket \
-p 8080:8080 \ # Kodi web UI ports
-p 9090:9090 \
libreelec:rpi4-12.0.0You get the same great LibreELEC Kodi build but with enhanced security, running on the GNU/Linux flavour of your choice. Trying out new LibreELEC features in nightly builds is a quick and non-destructive process with this approach. Since LibreELEC settings addon is removed during the build process, all hardware configuration is done on the underlying OS level. Kodi 'power' button does nothing, Kodi built-in services can be forwarded but setting up e.g samba or shairport on the host (or in other containers) would be a better option.