Hi,
I have made a test installation of Proxmox and nearly all works great. Except one thing: I can not use turnkey lxc templates with the unpriv flag in lxc.
It is working perfect with the standard debian 8 system-image. But not with turnkey application images.
With turnkey template:
With debian 8 system template:
The turnkey error seems to me like a permission error (can not extract without permissions). But then I really do not understand, why the debian part is working. If I build the lxc container with turnkey privileged, then it will work flawless.
Is there a configuration for turnkey templates i missed? Or are they build without supporting unpriv flags?
Thanks in advance,
xfk
I have made a test installation of Proxmox and nearly all works great. Except one thing: I can not use turnkey lxc templates with the unpriv flag in lxc.
It is working perfect with the standard debian 8 system-image. But not with turnkey application images.
With turnkey template:
Code:
extracting archive '/var/lib/vz/template/cache/debian-8-turnkey-plone_14.1-1_amd64.tar.gz'
tar: ./var/spool/postfix/dev/urandom: Cannot mknod: Operation not permitted
tar: ./var/spool/postfix/dev/random: Cannot mknod: Operation not permitted
Total bytes read: 1127372800 (1.1GiB, 105MiB/s)
tar: Exiting with failure status due to previous errors
TASK ERROR: command 'lxc-usernsexec -m u:0:100000:65536 -m g:0:100000:65536 -- tar xpf /var/lib/vz/template/cache/debian-8-turnkey-plone_14.1-1_amd64.tar.gz --totals --sparse --numeric-owner --acls --xattrs '--xattrs-include=user.*' '--xattrs-include=security.capability' '--warning=no-xattr-write' -C /var/lib/lxc/106/rootfs --skip-old-files --anchored --exclude './dev/*'' failed: exit code 2With debian 8 system template:
Code:
extracting archive '/var/lib/vz/template/cache/debian-8.0-standard_8.6-1_amd64.tar.gz'
Total bytes read: 534702080 (510MiB, 123MiB/s)
Detected container architecture: amd64
Creating SSH host key 'ssh_host_ecdsa_key' - this may take some time ...
Creating SSH host key 'ssh_host_ed25519_key' - this may take some time ...
Creating SSH host key 'ssh_host_rsa_key' - this may take some time ...
Creating SSH host key 'ssh_host_dsa_key' - this may take some time ...
Creating SSH host key 'ssh_host_key' - this may take some time ...
TASK OKThe turnkey error seems to me like a permission error (can not extract without permissions). But then I really do not understand, why the debian part is working. If I build the lxc container with turnkey privileged, then it will work flawless.
Is there a configuration for turnkey templates i missed? Or are they build without supporting unpriv flags?
Thanks in advance,
xfk
