removing LXC network fails in PVE 8.0

J

JakeFrosty

New Member
Feb 22, 2023
9
0
1
I have upgraded about a week ago to PVE 8.0 and haven't messed with my LXC containers after the upgrade, but when I added another interface to an LXC container and try to remove it, I found out that I cannot do that due to an SDN issue?

The error I get is:
- no sdn vnet ID specified (500)

This only occurs on any user accounts admin or not, however if I use the root account no such error appears and all goes well, the user I am using is also a sudo account.

any help would be appreciated, thank you!
 
Last edited:
Hi,
does the user have the SDN.Use permission? From the release notes: https://pve.proxmox.com/wiki/Roadmap#Proxmox_VE_8.0
  • SDN.Use is required on a bridge/vnet (or its zone) in order to configure it in a guest vNIC.
    • use /sdn/zones/localnetwork or /sdn/zones/localnetwork/<bridge> to allow usage of all or specific local bridges.
    • use /sdn/zones/<zone> or /sdn/zones/<zone>/<bridge> to allow usage of all or specific vnets in a given SDN zone.
Click to expand...

Please share the output of pct config <ID> --current and pveversion -v.
 
  • Like
Reactions: JakeFrosty
the user is in a group with the permission being the root permission giving it full access, but it somehow doesn't do anything

pct config:

arch: amd64
cores: 2
features: nesting=1
hostname: pihole0
memory: 1024
nameserver: 192.168.56.1
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=FF:FF:FF:FF:FF:FF,ip=dhcp,type=veth
net1: name=eth1,bridge=vmbr0,firewall=1,hwaddr=FF:FF:FF:FF:FF:FF,type=veth
onboot: 1
ostype: debian
rootfs: fast:119/vm-119-disk-0.raw,size=10G
searchdomain: lan
swap: 512
unprivileged: 1

pveversion -v:

proxmox-ve: 8.0.1 (running kernel: 6.2.16-3-pve)
pve-manager: 8.0.3 (running version: 8.0.3/bbf3993334bfa916)
pve-kernel-6.2: 8.0.2
pve-kernel-5.15: 7.4-4
pve-kernel-6.2.16-3-pve: 6.2.16-3
pve-kernel-5.15.108-1-pve: 5.15.108-1
pve-kernel-5.15.107-2-pve: 5.15.107-2
ceph-fuse: 16.2.11+ds-2
corosync: 3.1.7-pve3
criu: 3.17.1-2
glusterfs-client: 10.3-5
ifupdown: residual config
ifupdown2: 3.2.0-1+pmx3
libjs-extjs: 7.0.0-3
libknet1: 1.25-pve1
libproxmox-acme-perl: 1.4.6
libproxmox-backup-qemu0: 1.4.0
libproxmox-rs-perl: 0.3.0
libpve-access-control: 8.0.3
libpve-apiclient-perl: 3.3.1
libpve-common-perl: 8.0.6
libpve-guest-common-perl: 5.0.3
libpve-http-server-perl: 5.0.4
libpve-network-perl: 0.8.1
libpve-rs-perl: 0.8.3
libpve-storage-perl: 8.0.2
libspice-server1: 0.15.1-1
lvm2: 2.03.16-2
lxc-pve: 5.0.2-4
lxcfs: 5.0.3-pve3
novnc-pve: 1.4.0-2
openvswitch-switch: 3.1.0-2
proxmox-backup-client: 3.0.1-1
proxmox-backup-file-restore: 3.0.1-1
proxmox-kernel-helper: 8.0.2
proxmox-mail-forward: 0.2.0
proxmox-mini-journalreader: 1.4.0
proxmox-offline-mirror-helper: 0.6.2
proxmox-widget-toolkit: 4.0.6
pve-cluster: 8.0.2
pve-container: 5.0.4
pve-docs: 8.0.4
pve-edk2-firmware: 3.20230228-4
pve-firewall: 5.0.2
pve-firmware: 3.7-1
pve-ha-manager: 4.0.2
pve-i18n: 3.0.5
pve-qemu-kvm: 8.0.2-3
pve-xtermjs: 4.16.0-3
qemu-server: 8.0.6
smartmontools: 7.3-pve1
spiceterm: 3.3.0
swtpm: 0.8.0+pve1
vncterm: 1.8.0
zfsutils-linux: 2.1.12-pve1
 
Last edited:
JakeFrosty said:
the user is in a group with the permission being the root permission giving it full access, but it somehow doesn't do anything
Click to expand...
Sorry, but what is the "root permission"? Do you mean the user has a permission on the / path? What role does the user have on that path? Does the role include the SDN.Use permission?

Please share the output of cat /etc/pve/user.cfg.
 
  • Like
Reactions: JakeFrosty
fiona said:
Sorry, but what is the "root permission"? Do you mean the user has a permission on the / path? What role does the user have on that path? Does the role include the SDN.Use permission?

Please share the output of cat /etc/pve/user.cfg.
Click to expand...
sorry for the confusion, yes I meant the / path
 
cat /etc/pve/user.cfg output:

Code: 
user:civteam@pve:1:0::::civteam testing::
user:colourful@pve:1:0::::::
user:jakefrosty@pam:1:0:::::x:
user:root@pam:1:0:::::x:
token:root@pam!owner:0:0::
user:terria@pve:1:0::::::


group:PVEAdmins:jakefrosty@pam:top level access, use with caution:
group:tester:civteam@pve,colourful@pve,terria@pve:for limited testing:


pool:active-directory::::
pool:codename-iceberg:docker cluster:::
pool:codename-titanic:k3s cluster:::
pool:codename-tundra:proxmox-virtual-testing:::
pool:containers::105,113,114,130::
pool:linux::101,106,110,115,121::
pool:network:networking in general:100,104,119::
pool:private-test::108,109,116,118,129::
pool:templates::103,111,112,117::
pool:test::102,107,120::
pool:windows::122::
pool:zfs0-pool:::zfs0-backups,zfs0-slow,zfs0-templates:


role:cust-role1:VM.Audit,VM.Monitor:


acl:1:/:@PVEAdmins,jakefrosty@pam:Administrator:
acl:1:/pool/test:@tester:PVEVMAdmin:
acl:1:/pool/templates:@tester:PVETemplateUser:
acl:1:/sdn/zones:@PVEAdmins:Administrator:
acl:1:/sdn/zones/localnetwork:@PVEAdmins:Administrator:
 
Last edited:
  • Like
Reactions: JakeFrosty
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom