[pve-devel] [PATCH container/manager 0/4] restrict privileged containers
Fabian Grünbichler
f.gruenbichler at proxmox.com
Wed Jul 30 17:00:09 CEST 2025
this series
- defaults to unprivileged containers in the backend (already the
default in the UI for a while)
- requires Sys.Modify when creating a new privileged container, or
converting and existing unprivileged one to a privileged one via
in-place restore
pve-container technically breaks old pve-manager, insofar as privileged
container creation via the UI is not honored.
pve-container:
Fabian Grünbichler (3):
api: create: default to unprivileged containers
create/restore: require Sys.Modify for privileged containers
migration: require Sys.Modify for incoming privileged containers
src/PVE/API2/LXC.pm | 21 ++++++++++++++-------
1 file changed, 14 insertions(+), 7 deletions(-)
pve-manager:
Fabian Grünbichler (1):
lxc: create: always submit unprivileged field
www/manager6/lxc/CreateWizard.js | 1 +
1 file changed, 1 insertion(+)
--
2.39.5
More information about the pve-devel
mailing list