unprivileged container

  1. J

    Mounting disk to unprivileged container

    Sorry for what I'm sure is an exceedingly stupid question, but is this an insecure way to mount an external disk to an unprivileged container? I added this to /etc/fstab, the disk mounts at boot, and I have rwx permissions as the user with ID 101000 in the container: UUID=XXXX-XXXX /mnt/files...
  2. D

    Install iGPU Driver on host and container

    Hi, I just finished doing uid and gid mapping on a non-privileged container for gpu passthrough and the container boots fine. This container will run jellyfin and yes I know they say to use privileged containers but for security reasons I couldn't. I got to the point where it says to install the...
  3. Z

    Unprivileged LXC with uid mapping - what does it mean?

    Hello, I managed to follow the directions at https://pve.proxmox.com/wiki/Unprivileged_LXC_containers (and a forum post on here) and get a LXC read/write access to a NFS mountpoint from my host. However, I was wondering what security issues this brings up as I am trying to avoid using a...
  4. L

    Deactivate Privileged Containers?

    I am running a multi-user PVE with a binding to an active directory of ~200+ active users. I would like to enforce the usage of unprivileged containers only, i.e. I would like to disable the option for users to untick the unprivileged option when creating containers. Is that possible? How?
  5. J

    Safely sharing host directory amongst multiple LXC containers

    A quick validation question for the gurus here: Is it possible to bind mount a host directory to multiple LXC containers and not run into disk write conflicts? Let's say there is a folder [or entire drive] on the host at /mnt/ssd/myfolder. And I have multiple unprivileged LXC containers, say...
  6. M

    UID/GID Mapping not working in NFS share for unprivileged LXC

    Howdy folks, Brand new Proxmox user and I've hit a roadblock with NFS shares in an unprivileged LXC container. I've been trying to bind mount and map based off this guide. My UID/GID 3000 mapping in the VM confs look like this: ... lxc.idmap = u 0 100000 3000 lxc.idmap = g 0 100000 3000...
  7. M

    [SOLVED] UID/GID Mapping and NFS Share Access in unprivileged LXC

    Howdy folks, Brand new Proxmox user and I've hit a roadblock with NFS shares in an unprivileged LXC container. I've been trying to bind mount and map based off this guide. My UID/GID 3000 mapping in the VM {id}.conf looks like this: ... lxc.idmap = u 0 100000 3000 lxc.idmap = g 0 100000 3000...
  8. P

    yet another lxc bind mount dump question

    Hi friends hope you're doing well. After reading this very usefull (not enough for my dumb person) explanation on bind mounts for unprivileged containers on proxmox ( + this ) i got this silly question. i always need a real life example. Hope some cool person will kindly give me a hint. I...
  9. H

    Installing official gitlab linux package on unprivileged container

    Hello everybody, I wanted to install a self-hosted instance of gitlab on my proxmox node and I wanted to avoid a VM because I wanted to avoid to run the gitlab database inside a virtual disk and I wanted to avoid a privileged container because the gitlab webserver could be faced to the public...
  10. K

    Question about local directory bind mount points and permissions

    Hello, I created several Unprivileged LXC container to start my home server. Right now I have a container that serves as a fileserver and a container that serves to download torrents. I applied on each container the way to bind a mount point from a host by following the wiki on Unprivileged...
  11. D

    Mknod in an unprivileged lxc container

    Hi, I'm facing some issues trying to build a sock5 proxy container (with docker-ce) inside an unprivileged lxc container. I put the feature "mknod=1" (which is experimental I get it.) No matter this feature, the command mknod performed inside my lxc container returns an error ~# mknod...
  12. T

    Collabora Online Development Edition in unprivileged CT of Proxmox

    Hello, I have installed Collabora Online Development Edition in unprivileged CT of Proxmox (and Nextcloud on an other CT) : LOOLWSD 6.4.10 (git hash: b4fa48ef) Collabora Office 6.4-45 (git hash: a21347f) It is on a "Debian GNU/Linux 10 (buster)" unprivileged CT of Proxmox with...
  13. V

    Proxmox + Nextcloud Turnkey on a USB External Hard Drive

    Hello guys, i trying to get proxmox + nextcloud container (from Turnkey image) to host my nextcloud files on USB hard drive. Let's begin: 1. I create a user id, a group id with value 2000 and add the new user to new group on pve host. 2. I do the samething on nextcloud container, so user id and...
  14. M

    unpriviledged container idmap

    Hey I downloaded the turnkey file-server, then bound mounted some zfs storage, I cannot write to the storage, (nobody,nogroup) I followed this guide: https://pve.proxmox.com/wiki/Unprivileged_LXC_containers but it didn't work ! (I try to run sleep from the container and it get 101005 uid in...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!