Issue with cPanel on lxc container

powersupport

powersupport

Active Member
Jan 18, 2020
248
2
38
29
Recently, I set up a container in Proxmox, which is unprivileged, and installed cPanel on it, but there are certain functions that are not working, for example, the account usage quota not showing. when we checked the same with cPanel support they mentioned we need to make the container to privileged.

1 ) Is there any issue if we run a privileged container on production?

2) If there are issues, how we can change unprivileged to privileged?

3) Is there any workaround in unprivileged container to work it with all featured without changing to privileged

Any help apreciated

Thank you.
 
powersupport said:
1 ) Is there any issue if we run a privileged container on production?
Click to expand...
Privileged containers pose additional security risks and should only be ran in trusted environments. This means this depends on whether you only want to use cPanel for yourself and whether it is reachable from the outside. To quote from our wiki article [1]:

Privileged Containers​

Security in containers is achieved by using mandatory access control AppArmor restrictions, seccomp filters and Linux kernel namespaces. The LXC team considers this kind of container as unsafe, and they will not consider new container escape exploits to be security issues worthy of a CVE and quick fix. That’s why privileged containers should only be used in trusted environments.
Click to expand...

powersupport said:
2) If there are issues, how we can change unprivileged to privileged?
Click to expand...
Backup + Restore is the recommended way of converting an unprivileged container to a privileged container and vice-versa.

powersupport said:
3) Is there any workaround in unprivileged container to work it with all featured without changing to privileged
Click to expand...
If cPanel support couldn't provide any workaround, then probably no. At least their documentation [2] also recommends running as privileged. If the security implications of this are okay, is for you to decide.

[1] https://pve.proxmox.com/wiki/Linux_Container#_security_considerations
[2] https://docs.cpanel.net/knowledge-base/general-systems-administration/linux-containers/
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back