Unprivileged LXC with PPP?

iMx

Member
Feb 11, 2019
19
0
6
41
I understand that PPP requires CAP_NET_ADMIN, so I was hoping I could use an unprivileged container with the following specified:

Code:
lxc.cap.keep = net_admin
lxc.mount.entry: /dev/ppp dev/ppp none bind,create=file

Whilst /dev/ppp is created, permission is denied when trying to access it - are there dependencies required for net_admin?
 
When you run `ls -l` on /dev/ppp inside the container, you should be seeing "nobody:nobody" as the owner. This is because the user id 0 doesn't exist in the unprivileged container.

Try running on the Proxmox host:
Code:
chown 100000:100000 /dev/ppp

and then it should show up as "root:root" in the container.
 
  • Like
Reactions: giovannivl and iMx
When you run `ls -l` on /dev/ppp inside the container, you should be seeing "nobody:nobody" as the owner. This is because the user id 0 doesn't exist in the unprivileged container.

Try running on the Proxmox host:
Code:
chown 100000:100000 /dev/ppp

and then it should show up as "root:root" in the container.

Wonderful, many thanks, this fixed the problem.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!