[PVE-User] systemd-logind.service

Arjen leesteken+proxmox at pm.me
Fri Sep 9 12:10:01 CEST 2022


On Thursday, September 8th, 2022 at 11:58, Piviul <piviul at riminilug.it> wrote:
> 
> On 05/09/22 12:27, Kalpesh Sejpal wrote:
> 
> > Hi,
> > 
> > It's better to enable features Flag nesting=1 for each LXC container with
> > that error.
> > 
> > Please, check security conserns before changing it.
> > 
> > If you can't do that then another alternative it to mask systemd-logind
> > service.
> 
> 
> Hi Kalpesh, thank you very much. In effect both solution seems to work.
> There are security risk to set nesting flag on unprivileged container?
> 
> Piviul
>

You can find the opinion of the Proxmox staff on this in that same thread on the forum:
https://forum.proxmox.com/threads/lxc-container-upgrade-to-bullseye-slow-login-and-apparmor-errors.93064/#post-409030

They believe nested should be enabled by default, and it is enabled for new unprivileged containers since PVE 7.0.

Hope this helps, Arjen



More information about the pve-user mailing list