[SOLVED] Bind mount /dev/net directory from host to unprivileged container?

ITPugilist

Dec 5, 2017
I have an unprivileged container that runs CentOS 7, and I want it to run as an OpenVPN client to a pfSense firewall. But I can't seem to get it running, as the guest container does not have "dev/net/tun". So I looked online and saw people create the file directly inside the container, but unprivileged containers can't create device nodes since it is a kernel policy. So the next method is to bind mount it. I tried mounting it, but it seems every time I create a "net" directory inside the container's "dev" directory so I can bind mount the host's "dev/net" directory, it deletes it. So I wanna ask the community if there is any way around this, and, Happy Holidays! :)
 
hi,

did you install the necessary kernel module on the host? (modprobe tun)
 
> hi,
>
> did you install the necessary kernel module on the host? (modprobe tun)

Tried that just now and it still deletes the net directory I created inside the guest's /dev directory upon reboot. :/
Is there some way to make the guest make use of the tun file inside the host's /dev/net? Or somehow mount it some other way?

Edit:
I tried to add a few lines in "/var/lib/lxc/<CT_ID>/config" but it gets deleted every time the guest is turned on. :| So the only way to persist the bind mounting is doing it via "/etc/pve/lxc/CT_ID.conf" but when I do it there, the guest refuses to turn on.

Edit #2:
This is a PRIVILEGED container, I apologize. It seems that I un-ticked the unprivileged option when I restored the container file after my old HDD died and transferred it to this new Proxmox instance.
 
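The thread turns on two facts that can be checked from inside the guest: whether the container is really unprivileged, and whether /dev/net/tun is present as the TUN character device (major 10, minor 200). The script below is an added example, not something posted in the thread; the function names `ct_mode` and `tun_status` are made up for illustration, and the uid_map test is a heuristic that assumes the usual LXC layout (a privileged container shows the host's identity map).

```shell
#!/bin/sh
# Added example: run inside the container as root.

# Classify the contents of /proc/self/uid_map (passed as $1).
# "0 0 4294967295" is the identity map of the initial user namespace:
# container root is host root, i.e. the container is privileged.
# Any other mapping (e.g. "0 100000 65536") means a user namespace is in use.
ct_mode() {
    printf '%s\n' "$1" | awk '
        $1 == 0 && $2 == 0 && $3 == 4294967295 { identity = 1 }
        END { print (identity ? "privileged" : "unprivileged") }'
}

# Report the state of the TUN device node (default path /dev/net/tun).
# stat -c "%t:%T" prints major:minor in hex; 10:200 is "a:c8".
tun_status() {
    dev=${1:-/dev/net/tun}
    [ -e "$dev" ] || { echo missing; return; }
    [ -c "$dev" ] || { echo not-a-char-device; return; }
    if [ "$(stat -c '%t:%T' "$dev")" = "a:c8" ]; then
        echo ok
    else
        echo wrong-device-number
    fi
}

# Print a short report when called with --report.
if [ "${1:-}" = "--report" ]; then
    echo "container mode: $(ct_mode "$(cat /proc/self/uid_map)")"
    echo "/dev/net/tun:   $(tun_status)"
fi
```

A result of "privileged" here matches what the poster found in Edit #2: the restored container was no longer running in a user namespace.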