...docker installed in one of my lxc unpriviledged containers. This container has access to a nfs share in the promox host mounted under mnt/bindmounts/nfs. However, the apps I install in this lxc container/docker, like jellyfin for example, cannot access or do not seem to see this nfs share...
...unprivileged LXC (Proxmox 7)
From this page - Unprivileged LXC containers it seems like all I need to do is to add
pct set 100 -mp0 /mnt/bindmounts/shared,mp=/shared
To the LXC configuration file.
I did this:
...here "for security reasons, bind mounts should only be established using source directories especially reserved for this purpose, e.g., a directory hierarchy under /mnt/bindmounts."
But how do I mound the NFS share under /mnt/bindmounts instead of the current or default /mnt/pve?
...not support that content type. You can ignore it, the VMs and containers will boot fine.
Maybe I aught to submit a feature request since bindmounts are the preferred/recommended method for CIFS/NFS mounting within unprivileged containers -- these storage types should be permissible for...
bin mir gerade nicht sicher welche '3. variante' du meinst, kannst du auf die doku verlinken ?
wenn du 'bind mounts' meinst, das beispiel aus der doku (https://pve.proxmox.com/pve-docs/pve-admin-guide.html#pct_settings)
ist doch ziemlich klar:
This is very interesting, thank you. I was not aware that bindmounts could provide direct disk access! All use cases I see both on the forum out off the forum seem to indicate some level of abstraction. Do you have a specific search result where it shows giving direct hardware access to the...
Just an update, until Proxmox changes their mind about bindmounts inside an LXC for causing it to suspend and do a slow zdump (making Proxmox Backup Server real slow), the whole point of PBS is to speed up backups. Only plus side is the smaller backup size.
I think going forward, I will make a...
...also the container need not be unconfined, a good option for using cifs in your container would be to mount the share on your host instead, and use lxc bindmounts  to make it available for the container.
hope this helps
Okay, so I think I figured it out (sort of).
I am still not sure as to why changes made to the mounted folder inside the container do not show up in the supposedly same mounted folder on the host.
What I did was start over and create a new folder and also mounted it in the container (BTW: this...
If I have a linux LXC container installed on ZFS, with some bindmounts manually added to the configuration (also zfs, but a different dataset on the same pool), I cannot take zfs snapshots any more.
Is there a way around this? I don't care about snapshotting the datasets. I'm doing that...
The hook script does not run inside the container, but on the PVE host. Thus the bindmount will not be visible, as it will only be mounted within the CTs mount namespace. If you need to change something in that directory, you'd have to access it via /mnt/bindmounts/shared in this example.
* zpool import with and alt-root set
* bind-mount /proc, /sys, /dev, /dev/pts, into the root
* chroot inside
* run `dpkg -l |grep -i zfs'
* run `dpkg -l |grep <the version of zfsutils-linux`
there should be tons of howtos on the internet for the bindmounts and chroot
I hope this...
...want to start anymore, it is because the bind-mounts can't be mounted anymore. Samba shares not mounted yet and so on.
You can edit the "/etc/pve/lxc/IdOfYourLXC.conf" (for example /etc/pve/lxc/100.conf) and look at or change the line with the bind-mount:
I have a external hard drive that first must mount on a PROXMOX host:
mount -t ntfs-3g /dev/sda2 /mnt/bindmounts/shared
I then have the NFS-Server running on this host.
The fstab has the following in it:
/dev/sda2 /mnt/bindmounts/shared auto nosuid,nodev,nofail 0 0
I would've assumed this...
I setup the export on a proxmox host, with the host IP.
On a host of another node I installed the client:
mount 192.168.168.144:/mnt/bindmounts/shared /mnt/nfs_clientshare
It just sits there with no errors.
I turned off the firewall, I am not getting any errors, it just hangs?
that's just an example to bindmount a directory. you need to type the path to the usb bus device like /dev/bus/usb/001/002 or similar.
yes, you also need to allow the mount entry according to major:minor of the device.
for example to pass device on /dev/bus/usb/001/002 first run ls -l...