[SOLVED] Lxc unprivileged - mount from /etc/fstab file

M

michaelj

Renowned Member
Jun 30, 2016
57
0
71
37
Hi Community,

I don't know if it's possible but I'm trying to add an nfs mountpoint in my container via the /etc/fstab file.

This one is not mounted when starting the container, if I run manually /bin/mount -a, I have the following error: mount.nfs: Operation not permitted

Host server logs :

Jul 22 17:46:02 audit [8063]: AVC apparmor = "DENIED" operation = "mount" info = "failed flags match" error = -13 profile = "/ usr / bin / lxc-start" name = " / proc / sys / kernel / random / boot_id "pid = 8063 comm =" lxc-start "srcname =" / dev / .lxc-boot-id "flags =" rw, bind "
Jul 22 17:46:02 kernel: audit: type = 1400 audit (1595432762.687: 227): apparmor = "DENIED" operation = "mount" info = "failed flags match" error = -13 profile = "/ usr / bin / lxc-start "name =" / proc / sys / kernel / random / boot_id "pid = 8063 comm =" lxc-start "srcname =" / dev / .lxc-boot-id "flags =" rw, bind "
Click to expand...


I know i can mount the nfs through the host server but that's not what i want.

/etc/fstab file :

x.x.x.x:/zpool-xxxx/folder /folder nfs rw 0 0
Click to expand...


This is my lxc config file :

arch: amd64
cpulimit: 4
cpuunits: 1024
features: nesting=1
hostname: xxx
memory: 3096
mp0: /apps/scripts,mp=/apps/scripts
mp1: /share,mp=/share
nameserver: 172.xxx
net0: name=eth3,bridge=vmbr2,hwaddr=A2:A9:02:9E:B7:65,ip=172.25.2.7/16,type=veth
onboot: 1
ostype: debian
rootfs: zfs-storage:subvol-523-disk-1,size=23G
searchdomain: xx
swap: 256
unprivileged: 1
lxc.prlimit.nofile: 65536
Click to expand...



I specify that without the unprivileged mode, the mountpoint works.

Regards.
 
AFAIR NFS is not user-namespace aware - and hence does not work inside unprivileged containers.
 
Hi Stoiko,

Thanks for your answer, so the only solution is to mount through the host ?

Regards.
 
Never mind, found it!
Attaching a screen dump for other people who get lost like me in the GUI. :)

The fstab-mounting worked like a charm BTW upon reboot.
Thanks for setting me on the right track @Stoiko Ivanov !
 

Attachments

  • 2022-12-29_10-14-16.png
    2022-12-29_10-14-16.png
    105.5 KB · Views: 407
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back