[pve-devel] [PATCH pve-container 1/1] fix 6897: warn that nesting may be required for systemd

Robert Obkircher r.obkircher at proxmox.com
Thu Oct 23 13:22:26 CEST 2025 

Signed-off-by: Robert Obkircher <r.obkircher at proxmox.com>
---
 src/PVE/LXC/Setup.pm      |  7 +++++++
 src/PVE/LXC/Setup/Base.pm | 20 ++++++++++++++++++++
 src/lxc-pve-prestart-hook |  5 +++++
 3 files changed, 32 insertions(+)

diff --git a/src/PVE/LXC/Setup.pm b/src/PVE/LXC/Setup.pm
index 87330c4..197b3ad 100644
--- a/src/PVE/LXC/Setup.pm
+++ b/src/PVE/LXC/Setup.pm
@@ -320,6 +320,13 @@ sub unified_cgroupv2_support {
     return $self->{plugin}->unified_cgroupv2_support($self->get_ct_init_path());
 }
 
+sub get_may_require_nesting_warning {
+    my ($self) = @_;
+
+    my $init = $self->get_ct_init_path();
+    return $self->{plugin}->get_may_require_nesting_warning($self->{conf}, $init);
+}
+
 # os-release(5):
 #   (...) a newline-separated list of environment-like shell-compatible
 #   variable assignments. (...) beyond mere variable assignments, no shell
diff --git a/src/PVE/LXC/Setup/Base.pm b/src/PVE/LXC/Setup/Base.pm
index a2c88ed..bcb26ba 100644
--- a/src/PVE/LXC/Setup/Base.pm
+++ b/src/PVE/LXC/Setup/Base.pm
@@ -647,6 +647,26 @@ sub get_ct_init_path {
     return $init_path;
 }
 
+sub get_may_require_nesting_warning {
+    my ($self, $conf, $init) = @_;
+
+    my $features = PVE::LXC::Config->parse_features($conf->{features});
+    if ($features->{nesting}) {
+        return;
+    }
+
+    if (!defined($init) || $init !~ m@/systemd$@) {
+        return;
+    }
+
+    my $sdver = $self->get_systemd_version($init);
+    if (!defined($sdver) || $sdver < 232) {
+        return;
+    }
+
+    return "Systemd $sdver detected. You might need to enable nesting.";
+}
+
 sub ssh_host_key_types_to_generate {
     my ($self) = @_;
 
diff --git a/src/lxc-pve-prestart-hook b/src/lxc-pve-prestart-hook
index 73125e1..09e8e44 100755
--- a/src/lxc-pve-prestart-hook
+++ b/src/lxc-pve-prestart-hook
@@ -172,6 +172,11 @@ PVE::LXC::Tools::lxc_hook(
             }
         }
 
+        my $nesting_warning = $lxc_setup->get_may_require_nesting_warning();
+        if ($nesting_warning) {
+            log_warn($vmid, $nesting_warning);
+        }
+
         if (@$devices) {
             my $devlist = '';
             foreach my $dev (@$devices) {
-- 
2.47.3

More information about the pve-devel mailing list