I am trying to run a Debian 13 LXC container with nesting disabled. Trying to use the console feature just results in a black screen. Using pct enter 2000 works fine.
2000.conf - LXC Config
Code:
arch: amd64
cmode: console
cores: 1
hostname: test-2000
memory: 512
nameserver: 10.3.3.253 10.3.3.254
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=BC:24:11:A0:68:16,ip=dhcp,type=veth
ostype: debian
rootfs: vm_storage:vm-2000-disk-0,size=8G
swap: 512
unprivileged: 1
I tried switching the console mode to /dev/console and I got the systemd entries but I got these concerning errors:
Code:
...
container-getty@2.service: Failed to set up credentials: Protocol error
container-getty@2.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
console-getty.service: Failed to set up credentials: Protocol error
console-getty.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
console-getty.service: Deactivated successfully.
container-getty@2.service: Deactivated successfully.
container-getty@2.service: Scheduled restart job, restart counter is at 5.
container-getty@1.service: Start request repeated too quickly.
container-getty@1.service: Failed with result 'start-limit-hit'.
container-getty@2.service: Start request repeated too quickly.
container-getty@2.service: Failed with result 'start-limit-hit'.
console-getty.service: Scheduled restart job, restart counter is at 2.
console-getty.service: Failed to set up credentials: Protocol error
console-getty.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
console-getty.service: Deactivated successfully.
console-getty.service: Scheduled restart job, restart counter is at 3.
console-getty.service: Failed to set up credentials: Protocol error
console-getty.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
console-getty.service: Deactivated successfully.
console-getty.service: Scheduled restart job, restart counter is at 4.
console-getty.service: Failed to set up credentials: Protocol error
console-getty.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
console-getty.service: Deactivated successfully.
console-getty.service: Scheduled restart job, restart counter is at 5.
console-getty.service: Start request repeated too quickly.
console-getty.service: Failed with result 'start-limit-hit'.
I feel this is directly related to the nesting feature as I can use the console just fine when nesting is disabled.
The reason I don't want nesting enabled is because I plan on putting a small daemon on here that doesn't need to nest other container runtimes, and I want to reduce possible attack surfaces.
I should also say that use of the console function isn't going to be necessary for my workload because the plan is to make a dedicated LXC template with DAB, with all the settings configurable outside of the terminal. But I just think it is weird that the nesting flag completely breaks such a prominent portion of the PVE Web UI without a warning.
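
A triage helper for the two artifacts in the post above, added here as an example and not part of the original post or of Proxmox's own tooling: it reads a container config for the nesting feature flag and tallies, per systemd unit, which exec step failed and whether the start limit was hit. The sample strings are constructed from the post's config and log output, and the function names are hypothetical.

```python
import re

# Constructed samples, abbreviated from the config and log output in the post.
SAMPLE_CONF = "cmode: console\nostype: debian\nunprivileged: 1\n"
SAMPLE_LOG = """\
container-getty@2.service: Failed to set up credentials: Protocol error
container-getty@2.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
console-getty.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
console-getty.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
container-getty@1.service: Failed with result 'start-limit-hit'.
container-getty@2.service: Failed with result 'start-limit-hit'.
console-getty.service: Failed with result 'start-limit-hit'.
"""

# search() rather than match() so journal prefixes (timestamp, host) are tolerated.
STEP_RE = re.compile(r"(\S+\.service): Failed at step (\w+) spawning (\S+):")
RESULT_RE = re.compile(r"(\S+\.service): Failed with result '([^']+)'")

def parse_pct_conf(text):
    """Parse the 'key: value' lines of a container config, ignoring snapshot sections."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):  # a [section] header ends the current config
            break
        key, sep, value = line.partition(":")
        if sep and not line.startswith("#"):
            conf[key.strip()] = value.strip()
    return conf

def nesting_enabled(conf):
    """True only if the 'features' option contains nesting=1."""
    pairs = (p.split("=", 1) for p in conf.get("features", "").split(",") if "=" in p)
    return dict(pairs).get("nesting") == "1"

def triage(conf_text, log_text):
    """Report the nesting/unprivileged settings and each unit's failed steps."""
    conf = parse_pct_conf(conf_text)
    units = {}
    for line in log_text.splitlines():
        if m := STEP_RE.search(line):
            u = units.setdefault(m[1], {"steps": {}, "start_limit_hit": False})
            u["steps"][m[2]] = u["steps"].get(m[2], 0) + 1
        elif m := RESULT_RE.search(line):
            u = units.setdefault(m[1], {"steps": {}, "start_limit_hit": False})
            u["start_limit_hit"] |= m[2] == "start-limit-hit"
    return {"nesting": nesting_enabled(conf), "cmode": conf.get("cmode"),
            "unprivileged": conf.get("unprivileged") == "1", "units": units}

if __name__ == "__main__":
    print(triage(SAMPLE_CONF, SAMPLE_LOG))
```
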