Запуск NFS-сервера внутри контейнера ProxMox 5.3 - LXC

Создать файл профиля AppAromor - /etc/apparmor.d/lxc/lxc-default-with-nfsd

# Do not load this file.  Rather, load /etc/apparmor.d/lxc-containers, which
# will source all profiles under /etc/apparmor.d/lxc

profile lxc-container-default-with-nfsd flags=(attach_disconnected,mediate_deleted) {
  #include <abstractions/lxc/container-base>

  # the container may never be allowed to mount devpts.  If it does, it
  # will remount the host's devpts.  We could allow it to do it with
  # the newinstance option (but, right now, we don't).
  deny mount fstype=devpts,
  mount fstype=nfsd,
  mount fstype=rpc_pipefs,
  mount fstype=cgroup -> /sys/fs/cgroup/**,
}

Добавить профиль в текущую конфигурацию AppArmor:

apparmor_parser -r /etc/apparmor.d/lxc-containers

В конфигурацию контейнера добавить:

lxc.apparmor.profile = lxc-container-default-with-nfsd

Real name:

E-Mail:

Address:

Enter your comment. Wiki syntax is allowed:

Please fill all the letters into the box to prove you're human. Please keep this field empty:

Subscribe to comments

Запуск NFS-сервера внутри контейнера ProxMox 5.3 - LXC

Discussion