Search results

Try updating to lxc-pve-2.1.1-3.

There's a fix for opening template archives as root when creating unprivileged containers on the way currently. Should hit the test repositories soon.

Ah yes, we currently don't support a failing ip6tables-restore. That would need to be added to the firewall code. In the mean time you could possibly replace the file with dummy I guess...

disble => disable

For completeness' sake: You can add `net.ipv6.conf.all.disable_ipv6=1` and `net.ipv6.conf.default.disable_ipv6=1` to /etc/sysctl.conf. (You can apply that to a running system via the `sysctl` command as well, but for the sake of not confusing running services I'd recommend restarting them...

The output in the OP shows a mounted /run/shm but no mounted /dev/shm. Usually one of them symlinks to the other (/run/shm to /dev/shm on all my systems actually), so you should check that. If - in your case - /dev/shm doesn't symlink to /run/shm then that would explain the issue as...

Seems to be missing indeed after installing from the ISO. We'll need to fix this.

This does not really depend on whether the container is privileged or not (or at least it shouldn't, otherwise there's some other issue involved). What distribution are you running in the container and which template? Most distros actually simply make `ping` setuid-root, which should work in...

The output you posted initially says it's using a temp-dir on an NFS storage. If your local disk space allows it, can you please try setting a `tmpdir` in /etc/vzdump.conf` to a directory on local storage? (Putting the temporary data on NFS has some drawbacks in addition to the extra bandwidth...

The system's cache in RAM (what you (are supposed to) see as buffer/cache in the output of `free`).

`bs` is the block size, in order to read and write blocks of 1G at a time, dd needs to prepare 1G of data in ram, otherwise there's no way to pass that much to a single write() call (okay, for writing zeroes in particular there would be, but dd doesn't care what the input file is). Apart from...

With unprivileged containers, the `tar` command runs as the unprivileged root user, these error suggest that those files are not accessible for that user. Can you please provide the output of the following executed from within the running container? # ls -l /var/spool/postfix Also, did you ever...

The error message in the screenshot leads me to believe that the 2nd command (the 'echo' command) was not issued separately but appended to the apt-key command...

lxc renamed `id_map` to `idmap`, the former is supported by lxc for backward compatibility. PVE should translate id_map to idmap but it may get confused in some situations apparently

PVE assumes that /var/lib/lxc/$vmid is left untouched. Starting/restarting via the API/CLI/GUI will rewrite the config. You can, however, write (most) lxc config keys into /etc/pve/lxc/*.conf, including `lxc.idmap` lines.

Maybe there's auto-configuration features enabled. If you do not use IPv6 I recommend setting `sysctl net.ipv6.conf.default.disable_ipv6=1`. Check the output of: `sysctl -a |& egrep 'autoconf|accept_ra ='`

Do you have an ipv6 gateway without having a working ipv6 network? (post the output of `ip -6 route`)

vaapi is an API for video acceleration tasks, which requires driver & hardware (or virtual hardware) support. The only way for this to be useful is if you use GPU passthrough or a virtual GPU that supports it. It's possible that virtio-gpu will support this, but that part is still a work in...

Do you see any errors in the journal while doing this? These scripts often reload/restart services of which the errors appear in the journal instead of the output of the script requesting the restarts.

We currently have no startup hooks available directly. But since we start containers via a systemd service you can create a drop-in for pve-container@.service with Exec{Start,Stop}Post actions. eg. a file `/etc/systemd/system/pve-container@.service.d/hooks.conf`) with [Service]...