Snap requires a bit more work. There may soon be a ‘fuse’ flag for the features option, but fuse can be dangerous. For now you have to do this:
– For unprivileged containers:
1) Put this in /etc/pve/lxc/$vmid.conf:
Code:
... features: mount=fuse,nesting=1 lxc.mount.entry = /dev/fuse dev/fuse none bind,create=file 0 0
2) Inside the container: `apt install squashfuse`
– For privileged containers, also add:
Code:
... # EDIT: # We need to allow apparmor administration, by default mac_admin is dropped for privileged containers. # Note that you do not want this for un-trusted containers... lxc.cap.drop = lxc.cap.drop = mac_override sys_time sys_module sys_rawio
Alternatively to squashfuse, privileged containers could use loop devices, but I wouldn’t recommend it…
Note that enabling `fuse` in a container does not play well with backups, or anything that causes an `lxc-freeze` command to be executed on the container, as this can cause deadlocks in the kernel…