Permission error w/ sockets inside CT since migration to PVE 4.1
- Thread starter datenimperator
- Start date
-
- Tags
- lxc migration openvz permissions
Hi!
I managed to find a workaround that fixes the socket issues that were mentioned. I did several things, and I'm not sure which one did the trick.
First, I disabled the ACL on the host root filesystem:
tune2fs -o -act /dev/root_device
apparently, the ACL properties are inherited, so that should do the trick (it did not).
Also, I set the lxc.aaa_profile: unconfined in the /etc/pve/lxc/(containter).conf:
What apparently helped was changing the Root Disk options within the Proxmox gui (Resources->Root Disk->Edit, turn ACLs off.
This sets the the acl=0 in the rootfs options in /etc/pve/lxc/(containter).conf:
rootfs: local:102/vm-102-disk-1.raw,acl=0,size=500G
I hope it helps someone. I spent the entire day working on this. The problem started when migrating the Debian Jessie VZ guest to lxc on Proxmox4. Affected daemons were mysqld, dovecot and postfix. It all seems to work now.
I managed to find a workaround that fixes the socket issues that were mentioned. I did several things, and I'm not sure which one did the trick.
First, I disabled the ACL on the host root filesystem:
tune2fs -o -act /dev/root_device
apparently, the ACL properties are inherited, so that should do the trick (it did not).
Also, I set the lxc.aaa_profile: unconfined in the /etc/pve/lxc/(containter).conf:
What apparently helped was changing the Root Disk options within the Proxmox gui (Resources->Root Disk->Edit, turn ACLs off.
This sets the the acl=0 in the rootfs options in /etc/pve/lxc/(containter).conf:
rootfs: local:102/vm-102-disk-1.raw,acl=0,size=500G
I hope it helps someone. I spent the entire day working on this. The problem started when migrating the Debian Jessie VZ guest to lxc on Proxmox4. Affected daemons were mysqld, dovecot and postfix. It all seems to work now.
I just wanted to thank you for this, i've spent hours trying to get GitLab to run on a Debian 8.4 LXC and that simple setting change allowed "gitlab-ctl reconfigure" to run without issue.