2

I am trying to create an lxc container that acts as a vpn server. I am trying to add the tap/tun adapter to the container's device list. I have tried adding the following line to the lxc config.

lxc.cgroup.devices.allow = c 10:200 rwm

That did not seems to add it to the container. I have tried creating the folder

/var/lib/lxc/vm1/rootfs/dev/net and mknod -m 666 /var/lib/lxc/vm1/rootfs/dev/net/tun c 10 200

This does not work as well. Using mknod inside the container throws an error Operation not permitted

Any ideas on how I proceed? I am still new to VPN servers and LXC containers.

4

3 回答 3

3

我可以按照这里的步骤解决它:http: //heider.io/blog/2013/10/26/openvpn-in-a-lxc-container/但我必须将这些添加到配置的末尾/var/lib/lxc/vm1/config

[编辑] 我不再需要这个答案,但对于其他人来说,该网页不再可访问,这是它的存档版本 - https://web.archive.org/web/20190730140350/http ://heider.io/blog/2013/10/26/openvpn-in-a-lxc-container/这是内容的图片 -内容图片

于 2014-06-12T23:05:32.270 回答
0

对于 libvirt_lxc (virt-manager, libvirtd) virt-manager -> 打开 lxc 机器 -> 添加设备 misc

<hostdev mode="capabilities" type="misc">
  <source>
    <char>/dev/net/tun</char>
  </source>
</hostdev>

请查看:
https ://www.redhat.com/archives/libvirt-users/2018-January/msg00075.html

于 2020-06-27T08:55:54.557 回答
0

2021 年,在 Proxmox 上,我让它工作的方式是将这两行添加到 lxc 配置文件中/etc/pve/lxc/{id}.conf

lxc.cgroup.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file
于 2021-05-27T00:30:43.993 回答