Suspend IMX8 from C++ program inside container

Hi there, I am trying to let my Apalis imx8 hybernate from my C++ program inside a container.
I am using Visual Studio Professional 2019 with the Torizon plugin.

These commands work when I connect via putty and use sudo:
echo +5 > /sys/class/rtc/rtc1/wakealarm; echo deep > /sys/power/mem_sleep; echo mem > /sys/power/state (taken from Suspend/Resume (Linux) | Toradex Developer Center)

If I enter the running container (via docker exec –it /bin/bash) the commands do NOT work (read-only) and on this level I am not allowed to change read-write-permissions.
I guess I will need to change some Torizon C/C+±Application-Properties (via Solution Explorer->Properties->Torizon C/C+±Application-Properties) but I cannot seem to find out how to do it right.

Can somebody help me with this? Or am I going in the totally wrong direction?

Kind regards

I think I figured it out - I will answer my question with what I came up with. But maybe this is not the correct way to do it - so please, dear experts, correct me if I am wrong.

In the Torizon c/C+±Application-Properties there is field called “Volumes”. In there I added the paths
/sys/class/rtc/rtc1 /sys/class/rtc/rtc1
/sys/power /sys/power

afterwards the files were accessible and I could change the write permission using chmod.

I was a little too fast with posting my answer. chmod works with putty inside the container - but does not from C++ program. Getting closer - but not quite there yet.

Greetings @bauolx,

You’re on the right track however there is the issue of permissions as you noted.

So when you get a shell inside the container you’re running as the root user which is why you can chmod files and such. When your C++ program runs it’s running as the torizon user (what we default to when creating apps with our extensions). The torizon user doesn’t have permissions to freely chmod. Due to this limitation that means you’ll need to run your container as privileged/root to do this. However this in itself is not very good practices as running as root comes with the usual issues/security risks.

Let me bring this up as feedback and see if we can figure out/create a mechanism to write files in /sys without root permissions in a container. However in the short term running as root is your only real option.

Best Regards,

Thank you Jeremias,

Do you know by any chance how to set the privileged mode for the container in Visual Studio? I don’t seem to be able to find any information on that.
I would be very interested in the mechansim without the need of root permissions!

You can add any generic docker argument via the Extraparms fields in the Torizon Properties (same place you found the Volumes field).

The Extraparms field works based off of this Python API: Containers — Docker SDK for Python 6.0.1 documentation

So for the privileged flag you want privileged:True.

I’ll let you know if we figure out anything regarding a root-less option but no promises at the moment.

Best Regards,

I was able to come up with a solution not needing to set the container to privileged mode.
I created a script (outside the container) that can set the needed rights and call the script from inside the container.

in /usr/local/bin created script “” with this content

(bin bash should come here, but somehow it messes up my comment, so I removed it)
echo “Changing rights to allow container to modify corresponding /sys/ entries…”

chmod -v 666 /sys/class/rtc/rtc1/wakealarm
chmod -v 666 /sys/power/mem_sleep
chmod -v 666 /sys/power/state

made the script executable (chmod +x

in /etc/sudoers.d/ created script “hybernateRights” with following content

ALL ALL = (ALL) NOPASSWD:/usr/local/bin/

sudo chmod -v 440 hybernateRights
sudo chown root hybernateRights

added volume /usr/local/bin and /etc/sudoers.d/ in the torizon application properties (Visual Studio).
then calling the following command from my C++ program changes the rights (this sudo does not need a password)

sudo /usr/local/bin/

This is an interesting workaround you came up with. I can’t comment much on any possible issues but surely it’s more secure than running as root/privileged. Thank you for sharing your solution might be helpful for our own investigations!

Best Regards,