I have an unprivileged LXC running docker.
Docker is running a container called Gluetun.
Gluetun is supposed to be configured with either OpenVPN or WireGuard. Here is an example of the docker run:
Code:
docker run -it --rm --cap-add=NET_ADMIN -e VPN_SERVICE_PROVIDER=torguard \
-e OPENVPN_USER=abc -e OPENVPN_PASSWORD=abc \
-e SERVER_COUNTRIES=Netherlands qmcgaw/gluetun
But when I create the container, it returns the error:
Code:
2024-10-16T21:44:20Z INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-10-16T21:44:20Z INFO [routing] routing cleanup...
2024-10-16T21:44:20Z INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.3 and family v4
2024-10-16T21:44:20Z INFO [routing] deleting route for 0.0.0.0/0
2024-10-16T21:44:20Z ERROR creating tun device: creating TUN device file node: operation not permitted
This looks like a permissions error.
I followed the OpenVPN guide in the wiki.
In my <id>.conf file for the LXC container I have the two lines:
Code:
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file
lxc.cgroup2.devices.allow: c 10:200 rwm
I also made sure to run the chown command.
Code:
chown 100000:100000 /dev/net/tun
Code:
root@pve:~# ls -l /dev/net/tun
crw------- 1 100000 100000 10, 200 Oct 13 16:56 /dev/net/tun
and inside the LXC container:
Code:
root@my-lxc-container:~# ls -l /dev/net/tun
crw-rw-rw- 1 root root 10, 200 Oct 17 13:07 /dev/net/tun
But I still get the same error message:
Code:
2024-10-16T21:44:20Z ERROR creating tun device: creating TUN device file node: operation not permitted
What am I supposed to be doing?
If I make the LXC container privileged, it works just fine. For some reason Proxmox refuses to allow the container to use /dev/net/tun while it is unprivileged, even though I've made all the necessary provisions.
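An added diagnostic, not part of the original post: the first log line reports `/dev/net/tun` as absent inside the Docker container, while the `ls -l` output shows it present in the LXC, and Docker gives each container its own `/dev`. The function below classifies a path as missing, wrong device, not openable, or usable, so the same check can be run in each layer; the name `classify_tun` is hypothetical and GNU or BusyBox `stat` is assumed.

```shell
#!/bin/sh
# Added example: classify the state of a TUN device node.
# 10:200 is the char device number from the lxc.cgroup2.devices.allow line above.
TUN_MAJOR=10
TUN_MINOR=200

classify_tun() {
    path=$1
    # Case 1: no node at all (the "no such file or directory" log line).
    if [ ! -e "$path" ]; then
        echo "missing"
        return 0
    fi
    # Case 2: something exists but is not a character device
    # (for example an empty file left behind by create=file).
    if [ ! -c "$path" ]; then
        echo "not-char-device"
        return 0
    fi
    # stat prints device major/minor in hex; convert to decimal.
    major=$(printf '%d' "0x$(stat -c '%t' "$path")")
    minor=$(printf '%d' "0x$(stat -c '%T' "$path")")
    if [ "$major" != "$TUN_MAJOR" ] || [ "$minor" != "$TUN_MINOR" ]; then
        echo "wrong-device:$major:$minor"
        return 0
    fi
    # Case 3: correct node, but open() is refused (mode bits, ownership
    # mapping or the cgroup device allow-list). Opening read-write creates
    # no interface; the subshell closes the descriptor again.
    if ! ( : 3<>"$path" ) 2>/dev/null; then
        echo "present-not-openable"
        return 0
    fi
    echo "ok"
}

# Stand-alone use: ./check_tun.sh /dev/net/tun
if [ "$#" -gt 0 ]; then
    classify_tun "$1"
fi
```

A result of `missing` in one layer and `ok` in the layer above it means the node is not being passed down, which is a different failure from `present-not-openable`.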