Proxmox: Difference between revisions
| Line 128: | Line 128: | ||
|   apt update |   apt update | ||
|   apt upgrade sudo |   apt upgrade sudo | ||
| Alt workaround: | |||
|  echo "Set disable_coredump false" >> /etc/sudo.conf | |||
| ref <ref>https://github.com/sudo-project/sudo/issues/42</ref> | ref <ref>https://github.com/sudo-project/sudo/issues/42</ref> | ||
Revision as of 19:41, 21 December 2023
Get Version from Command Line
pveversion
pveversion --verbose
NFS in Container
NFS requires extra permissions to run in a Container (CT), which uses LXC.
Deselect "Unprivileged container", and add the Features "mount=nfs"
# mount 192.168.108.30:/nfs/ken /mnt mount.nfs: access denied by server while mounting 192.168.108.30:/nfs/ken
When trying to add the "mount=nfs" feature:
Permission check failed (changing feature flags for privileged container is only allowed for root@pam) (403)
Login as root and:
pct set 112 -features mount=nfs
# pct set 112 -features mount=nfs --save # is this needed?
LXC - Linux Containers
To use the LC options you first need to download a LC template.
First update the list:
pveam update
Note: The list of available templates is updated daily through the pve-daily-update timer
To list images:
pveam available
To list only system images:
pveam available --section system
Example:
root@proxmox1:~# pveam available --section system system almalinux-9-default_20221108_amd64.tar.xz system alpine-3.18-default_20230607_amd64.tar.xz system archlinux-base_20230608-1_amd64.tar.zst system centos-9-stream-default_20221109_amd64.tar.xz system debian-11-standard_11.7-1_amd64.tar.zst system debian-12-standard_12.2-1_amd64.tar.zst system devuan-4.0-standard_4.0_amd64.tar.gz system fedora-38-default_20230607_amd64.tar.xz system fedora-39-default_20231118_amd64.tar.xz system gentoo-current-openrc_20231009_amd64.tar.xz system opensuse-15.4-default_20221109_amd64.tar.xz system opensuse-15.5-default_20231118_amd64.tar.xz system rockylinux-9-default_20221109_amd64.tar.xz system ubuntu-20.04-standard_20.04-1_amd64.tar.gz system ubuntu-22.04-standard_22.04-1_amd64.tar.zst system ubuntu-23.04-standard_23.04-1_amd64.tar.zst system ubuntu-23.10-standard_23.10-1_amd64.tar.zst
Download to data store:
pveam download mydatastore ubuntu-22.04-standard_22.04-1_amd64.tar.zst
List images on data store:
pveam list mydatastore
# example NAME SIZE mydatastore:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst 123.81MB
To remove:
pveam remove mydatastore:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst
See https://pve.proxmox.com/wiki/Linux_Container
Upgrade Proxmox 7 to Proxmox 8
Upgrade from 7 to 8 - Proxmox VE https://pve.proxmox.com/wiki/Upgrade_from_7_to_8
Update to latest v7:
apt update apt dist-upgrade
Checks:
pve7to8
All checks:
pve7to8 --full
Switch to Bookworm:
sed -i 's/bullseye/bookworm/g' /etc/apt/sources.list
Add VE 8:
# echo "deb https://enterprise.proxmox.com/debian/pve bookworm pve-enterprise" > /etc/apt/sources.list.d/pve-enterprise.list sed -i -e 's/bullseye/bookworm/g' /etc/apt/sources.list.d/pve-install-repo.list
Update system to v8:
apt update apt dist-upgrade
Issues
ping - Operation not permitted
Fix with:
setcap cap_net_raw+ep /bin/ping
or:
chmod u+s /sbin/ping
"I suspect the setuid workaround would likely work and is how ping was shipped in distros for a very long time (and so not particularly risky)." [1]
sudo - setrlimit(RLIMIT_CORE): Operation not permitted
$ sudo hello > /dev/null sudo: setrlimit(RLIMIT_CORE): Operation not permitted
Bug in sudo version. Just update sudo.
apt update apt upgrade sudo
Alt workaround:
echo "Set disable_coredump false" >> /etc/sudo.conf
ref [4]
keywords
references
- ↑ https://discuss.linuxcontainers.org/t/ping-is-failing-in-containers-with-ping-socket-operation-not-permitted/14240/4
- ↑ Ping with unprivileged user in LXC container / Linux capabilities | Proxmox Support Forum - https://forum.proxmox.com/threads/ping-with-unprivileged-user-in-lxc-container-linux-capabilities.42308/
- ↑ No ping from non root user in Debian Buster LXC | Proxmox Support Forum - https://forum.proxmox.com/threads/no-ping-from-non-root-user-in-debian-buster-lxc.72366/#post-387633
- ↑ https://github.com/sudo-project/sudo/issues/42