making mp's migratable (virtiofs on pve managed paths only)

One obvious attack @Johannes S's slides point out is someone with root on their device creating an account with the same UID as another user. Then mount the share and su to the other user where you can peruse or alter their files.

Just to avoid wrong credits: They are not my slides but from the speaker Sergej Schmidt who did the talk :) For the rest I agree with you obviously.
NFS is ok if you have no important data (aka my homelab where everything important is also stored on cloud storage) or for stuff like storage for Proxmox VE, where the whole cluster-specific network (corosync, storage network for nfs etc) has its own dedicated network infrastructure where users and their own devices don't have access.
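Added example, not part of any post in this thread: a small audit of `/etc/exports` content that flags exports where the server accepts whatever UID the client sends (`sec=sys`, the default), which is the condition the UID-matching attack above relies on. The sample exports, the `audit_exports` function name and the trusted storage network `10.10.10.0/24` are constructed for illustration, and the parser assumes one export per line with no quoted paths or line continuations.

```python
# Constructed sample /etc/exports content (not taken from the thread).
SAMPLE_EXPORTS = """\
# homelab media, open to any client
/srv/media   *(rw,sync,root_squash)
/srv/home    192.168.1.0/24(rw,sync,root_squash) admin.example.test(rw,no_root_squash)
/srv/pve     10.10.10.0/24(rw,sync,sec=sys)
/srv/secure  *.example.test(rw,sync,sec=krb5p)
/srv/mixed   192.168.1.0/24(rw,sec=krb5:sys)
/srv/drop    *(rw,all_squash)
"""

def audit_exports(text, trusted_clients=()):
    """Return (path, client, reason) for exports that accept client-asserted UIDs."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *specs = line.split()
        for spec in specs:
            client, _, rest = spec.partition("(")
            opts = [o for o in rest.rstrip(")").split(",") if o]
            # exports(5): with no sec= option the flavor is sys (AUTH_SYS).
            flavors = ["sys"]
            for opt in opts:
                if opt.startswith("sec="):
                    flavors = opt[4:].split(":")
            if "sys" not in flavors:
                continue  # Kerberos only: identity is authenticated, not asserted
            if "all_squash" in opts:
                continue  # every UID is mapped to the anonymous user
            if client in trusted_clients:
                continue  # e.g. a dedicated storage network with no user devices
            reason = "sec=sys trusts the UID sent by the client"
            if "no_root_squash" not in opts:
                reason += "; root_squash only remaps UID 0"
            findings.append((path, client or "*", reason))
    return findings

if __name__ == "__main__":
    for path, client, reason in audit_exports(SAMPLE_EXPORTS, {"10.10.10.0/24"}):
        print(f"{path} -> {client}: {reason}")
```

Exports that list `sys` alongside a Kerberos flavor are still flagged, because a client can pick the weaker flavor.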
once the dir mapping is available for containers (as "managed bind mounts"), enabling migration should be easy there. for live-migration of VMs, there are still some missing pieces AFAIK, once those become available and are proven to work, we will enable it as well of course. offline migration should already work, if you set up the dir mapping correctly.
Any progress for virtiofs live-migration of VMs?