rcd's picture

I created a privileged container with TKL fileserver 16.1-1 in Proxmox 6.4, but the Webmin system didn't start. After some poking around I found that stunnel4 didn't start, apparently some problem with running in privileged containers. Well, I created another, unprivileged, but as I use bind mounts to export ZFS volumes to the container, I now can't write files.

I know there is a way to map user IDs described here, but it is so nitty-gritty complicated I just can't wrap my head around how it works.

Frankly, I am fine with running a privileged container, as it's for my homelab in my private LAN, except of course then Webmin doesn't work.

Is there a solution to this?



Jeremy Davis's picture

If you enable the container to run "nested" it should run fine as a privileged container. FWIW the issue is that the additional security measures implemented in many Debian Buster systemd services aren't compatible with running within a privileged container (due to bugs and/or limitations in the interaction between the kernel's cgroups provision and the version of systemd in Debian Buster - which is the base of both Proxmox v6 and TurnKey v16). If I understand the issue correctly, it should "disappear" once both the host and guest move to (the soon to be released) Debian Bullseye.
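The user-ID mapping mentioned in the question, worked through as an added example that is not part of the original posts or of Proxmox or TurnKey code: it generates the `lxc.idmap` lines that pass a single host UID/GID through to an unprivileged container so a bind-mounted dataset becomes writable while every other ID stays shifted. It assumes the default shift of 100000 with a 65536-ID range; the IDs 1000 and 1005 are constructed sample values.

```python
# Added example: builds the lxc.idmap lines that pass one host UID/GID
# through to an unprivileged container, leaving every other ID shifted.
# Assumptions: default shift of 100000 and a 65536-ID range.

BASE = 100000   # host ID that container ID 0 maps to by default
RANGE = 65536   # number of IDs delegated to the container


def idmap_lines(kind, ct_id, host_id):
    """Return idmap entries of type kind ('u' or 'g') mapping ct_id -> host_id."""
    if kind not in ("u", "g"):
        raise ValueError("kind must be 'u' or 'g'")
    if not 0 < ct_id < RANGE:
        raise ValueError("refusing to map ID 0 or an out-of-range ID")
    if host_id == 0:
        raise ValueError("refusing to map a container ID to host root")
    if BASE <= host_id < BASE + RANGE:
        raise ValueError("host ID collides with the shifted range")
    # IDs below ct_id keep the default shift.
    lines = [f"lxc.idmap: {kind} 0 {BASE} {ct_id}"]
    # The single ID that is passed straight through to the host.
    lines.append(f"lxc.idmap: {kind} {ct_id} {host_id} 1")
    # IDs above ct_id resume the default shift.
    rest = RANGE - ct_id - 1
    if rest > 0:
        lines.append(f"lxc.idmap: {kind} {ct_id + 1} {BASE + ct_id + 1} {rest}")
    return lines


def container_config(ct_uid, host_uid, ct_gid, host_gid):
    """Lines to append to /etc/pve/lxc/<vmid>.conf on the host."""
    return idmap_lines("u", ct_uid, host_uid) + idmap_lines("g", ct_gid, host_gid)


def subid_entry(host_id):
    """Line root needs in /etc/subuid (or /etc/subgid) to delegate host_id."""
    return f"root:{host_id}:1"


if __name__ == "__main__":
    # Constructed sample: container UID/GID 1000 writes to a dataset
    # that is owned by UID/GID 1005 on the host.
    print("\n".join(container_config(1000, 1005, 1000, 1005)))
    print("add to /etc/subuid and /etc/subgid:", subid_entry(1005))
```

Only the one mapped ID gains access to host-owned files; root inside the container still maps to an unprivileged host ID.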
