Welcome!

Share and discuss the best content and new marketing ideas, build your professional profile and become a better marketer together.

Sign up

This question has been flagged
71 Views

Snap requires a bit more work. There may soon be a ‘fuse’ flag for the features option, but fuse can be dangerous. For now you have to do this:


– For unprivileged containers:

1) Put this in /etc/pve/lxc/$vmid.conf:

Code:

...
features: mount=fuse,nesting=1
lxc.mount.entry = /dev/fuse dev/fuse none bind,create=file 0 0

2) Inside the container: `apt install squashfuse`


– For privileged containers, also add:

Code:

...
# EDIT:
# We need to allow apparmor administration, by default mac_admin is dropped for privileged containers.
# Note that you do not want this for un-trusted containers...
lxc.cap.drop =
lxc.cap.drop = mac_override sys_time sys_module sys_rawio

Alternatively to squashfuse, privileged containers could use loop devices, but I wouldn’t recommend it…



Note that enabling `fuse` in a container does not play well with backups, or anything that causes an `lxc-freeze` command to be executed on the container, as this can cause deadlocks in the kernel…

Avatar
Discard