##lines to add, privileged or not

lxc.cgroup2.devices.allow: c 226:0 rwm
lxc.cgroup2.devices.allow: c 226:128 rwm
lxc.mount.entry: /dev/dri/card0 dev/dri/card0 none bind,optional,create=file
lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file


###Tested and not obsoleted
#may be needed for docker/podman
#lxc.apparmor.profile: unconfined
#lxc.cgroup2.devices.allow: a
#lxc.cap.drop: 
###

###
#For unprivileged containers only
#For igpu only (groups video39 render 105 lxc / video44 render 104 proxmox)
#65536 max users / 65536 max groups uids / 0 to 65535 / 0 counts as one!##
#lxc.idmap: g 0 100000 39
#lxc.idmap: g 39 44 1
#lxc.idmap: g 40 100040 65
#lxc.idmap: g 105 104 1
#lxc.idmap: g 106 100106 65430
#lxc.idmap: u 0 100000 65536


#For igpu only (groups video44 render 106 lxc / video44 render 104 proxmox)
#65536 max users / 65536 max groups uids / 0 to 65535 / 0 counts as one!##
#lxc.idmap: g 0 100000 44
#lxc.idmap: g 44 44 1
#lxc.idmap: g 45 100040 61
#lxc.idmap: g 106 104 1
#lxc.idmap: g 106 100106 65430
#lxc.idmap: u 0 100000 65536