Great question! Accessing non-USB-storage devices (like serial ports, cameras, Bluetooth adapters, etc.) from Docker containers on macOS is trickier than on Linux, and you’re right that the standard --privileged and --device flags don’t work out of the box. The core issue is that Docker Desktop for macOS runs your containers inside a hidden HyperKit virtual machine (VM)—not directly on your macOS host kernel—so the /dev device nodes you’d expect on Linux don’t map directly to macOS’s USB subsystem.

Here are the most reliable methods to get this working:

1. Use Docker Desktop’s Built-in USB Passthrough (Recommended) #

Newer versions of Docker Desktop (20.10+) include native USB passthrough support, which handles the VM-to-container mapping automatically:

• Open Docker Desktop, go to Settings > Resources > USB.
• Check the box next to the non-storage USB device you want to access (you may need to unplug and re-plug the device for it to show up).
• Restart your container (or run a new one)—you don’t need --privileged or --device flags anymore. Docker will expose the device to your container just like it would on a Linux host.
• Note: For some specialized devices (like industrial serial adapters), you may need to ensure the HyperKit VM’s Linux kernel has the required driver module loaded (most common drivers are included by default).

2. Use usbip for Legacy/Unsupported Devices #

If you’re on an older Docker Desktop version, or your device isn’t supported by the native passthrough, you can use the usbip tool to bridge macOS’s USB devices to the Docker VM:

• On your macOS host, install usbip via Homebrew: brew install usbip
• Start the usbip daemon: usbipd -D
• List your USB devices to get their bus ID: usbip list -l (look for lines like busid 1-2 for your target device)
• Bind the device to the usbip server: usbip bind -b <bus-id>
• Now, access the Docker HyperKit VM: run docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -i -n sh to get a shell inside the VM
• Inside the VM, install the usbip client: apt update && apt install -y usbip-client
• Attach the macOS-hosted USB device to the VM: usbip attach -r <your-macos-local-ip> -b <bus-id>
• The device will now appear in the VM’s /dev directory. When starting your container, use --device=/dev/<device-node>:/dev/<device-node>:rwm (e.g., --device=/dev/ttyUSB0:/dev/ttyUSB0:rwm) to pass it through, or use --privileged for full access.

3. Switch to Colima (Alternative VM for Docker) #

If you want more flexibility with USB passthrough, consider using Colima (a lightweight Docker runtime for macOS) instead of Docker Desktop:

• Install Colima via Homebrew: brew install colima
• Start Colima with USB support enabled: colima start --usb
• Any USB device you plug in will be automatically mapped to Colima’s VM. You can then use the standard --device or --privileged flags in your docker run commands just like on a Linux host.

Key Notes #

• Always ensure your container has the necessary permissions to access the device—running as root (or setting correct device node permissions with the :rwm flag in --device) is often required.
• For devices like webcams, you may also need to grant Docker Desktop/Colima access to your macOS camera via System Settings > Privacy & Security > Camera.

内容的提问来源于stack exchange，提问作者Milad