Hi again I've been trying all day to get fstrim working inside unprivileged LXC containers with no luck. Initially I thought it was just a Debian/Ubuntu issue, but I've tried multiple OS templates and it always results in: FITRIM ioctl failed: Operation not permitted. FYI it works fine in privileged containers, but as people have pointed out they're not as secure. Can anyone help me get this working, or tell me if there's a workaround? I've switched to lvm-thin provisioning so I need to trim container disks to free up deleted space. Or is it just not supported in unprivileged containers at the moment? I found a similar issue at linuxcontainers.org. One of the maintainers said: "Unfortunately I expect it’s simply the kernel refusing an unprivileged user requesting a TRIM operation on a block device. Unless you’re using a privileged container, I don’t expect you’ll get away from that… One option would be to have root on the host run fstrim against all /dev/rbd* devices, effectively running TRIM against all running containers. Otherwise, you’d need to wait until we have a way to catch such system calls in userspace (there’s ongoing kernel work to allow that), at which point we could have LXD catch that particular ioctl and replay it as real root." If doing it inside containers won't work, is a way of triming disk images externally from the host? Thanks!