NFSD on LXC

3/2/2017 - 10:05 AM

Create a new file "/etc/apparmor.d/lxc/lxc-default-with-nfsd" and paste in the following;

Code:
# Do not load this file.  Rather, load /etc/apparmor.d/lxc-containers, which
# will source all profiles under /etc/apparmor.d/lxc

profile lxc-container-default-with-nfsd flags=(attach_disconnected,mediate_deleted) {
  #include <abstractions/lxc/container-base>

  # the container may never be allowed to mount devpts.  If it does, it
  # will remount the host's devpts.  We could allow it to do it with
  # the newinstance option (but, right now, we don't).
  deny mount fstype=devpts,
  mount fstype=nfsd,
  mount fstype=rpc_pipefs,
  mount fstype=cgroup -> /sys/fs/cgroup/**,
}
Then run this command to reload the profiles 
Code:
apparmor_parser -r /etc/apparmor.d/lxc-containers
Finally at this line to your /etc/pve/lxc/CTID.conf
Code:
lxc.aa_profile = lxc-container-default-with-nfsd

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

NFSD on LXC