Sorry for what I'm sure is an exceedingly stupid question, but is this an insecure way to mount an external disk to an unprivileged container? I added this to `/etc/fstab`, the disk mounts at boot, and I have rwx permissions on root and a sudo user in the container:
UUID=XXXX-XXXX /mnt/files...
Hi, I just finished doing uid and gid mapping on a non-privileged container for gpu passthrough and the container boots fine.
This container will run jellyfin and yes I know they say to use privileged containers but for security reasons I couldn't.
I got to the point where it says to install the...
Hello,
I managed to follow the directions at https://pve.proxmox.com/wiki/Unprivileged_LXC_containers (and a forum post on here) and get a LXC read/write access to a NFS mountpoint from my host. However, I was wondering what security issues this brings up as I am trying to avoid using a...
I am running a multi-user PVE with a binding to an active directory of ~200+ active users.
I would like to enforce the usage of unprivileged containers only, i.e. I would like to disable the option for users to untick the unprivileged option when creating containers.
Is that possible? How?
A quick validation question for the gurus here:
Is it possible to bind mount a host directory to multiple LXC containers and not run into disk write conflicts?
Let's say there is a folder [or entire drive] on the host at /mnt/ssd/myfolder. And I have multiple unprivileged LXC containers, say...
Howdy folks,
Brand new Proxmox user and I've hit a roadblock with NFS shares in an unprivileged LXC container. I've been trying to bind mount and map based off this guide. My UID/GID 3000 mapping in the VM confs look like this:
...
lxc.idmap = u 0 100000 3000
lxc.idmap = g 0 100000 3000...
Howdy folks,
Brand new Proxmox user and I've hit a roadblock with NFS shares in an unprivileged LXC container. I've been trying to bind mount and map based off this guide. My UID/GID 3000 mapping in the VM {id}.conf looks like this:
...
lxc.idmap = u 0 100000 3000
lxc.idmap = g 0 100000 3000...
Hi friends hope you're doing well.
After reading this very usefull (not enough for my dumb person) explanation on bind mounts for unprivileged containers on proxmox ( + this ) i got this silly question.
i always need a real life example.
Hope some cool person will kindly give me a hint.
I...
Hello everybody,
I wanted to install a self-hosted instance of gitlab on my proxmox node and I wanted to avoid a VM because I wanted to avoid to run the gitlab database inside a virtual disk and I wanted to avoid a privileged container because the gitlab webserver could be faced to the public...
Hello,
I created several Unprivileged LXC container to start my home server. Right now I have a container that serves as a fileserver and a container that serves to download torrents.
I applied on each container the way to bind a mount point from a host by following the wiki on Unprivileged...
Hi, I'm facing some issues trying to build a sock5 proxy container (with docker-ce) inside an unprivileged lxc container.
I put the feature "mknod=1" (which is experimental I get it.)
No matter this feature, the command mknod performed inside my lxc container returns an error
~# mknod...
Hello,
I have installed Collabora Online Development Edition in unprivileged CT of Proxmox (and Nextcloud on an other CT) :
LOOLWSD 6.4.10 (git hash: b4fa48ef)
Collabora Office 6.4-45 (git hash: a21347f)
It is on a "Debian GNU/Linux 10 (buster)" unprivileged CT of Proxmox with...
Hello guys, i trying to get proxmox + nextcloud container (from Turnkey image) to host my nextcloud files on USB hard drive.
Let's begin:
1. I create a user id, a group id with value 2000 and add the new user to new group on pve host.
2. I do the samething on nextcloud container, so user id and...
Hey
I downloaded the turnkey file-server, then bound mounted some zfs storage, I cannot write to the storage, (nobody,nogroup)
I followed this guide:
https://pve.proxmox.com/wiki/Unprivileged_LXC_containers
but it didn't work ! (I try to run sleep from the container and it get 101005 uid in...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.