Container description. Only used on the configuration web interface.
-`features`: `[keyctl=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]` ::
+`features`: `[fuse=<1|0>] [,keyctl=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]` ::
Allow containers access to advanced features.
+`fuse`=`<boolean>` ('default =' `0`);;
+
+Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.
+
`keyctl`=`<boolean>` ('default =' `0`);;
For unprivileged containers only: Allow the use of the keyctl() system call. This is required to use docker inside a container. By default unprivileged containers will see this system call as non-existent. This is mostly a workaround for systemd-networkd, as it will treat it as a fatal error when some keyctl() operations are denied by the kernel due to lacking permissions. Essentially, you can choose between running systemd-networkd or docker.
Allow nesting. Best used with unprivileged containers with additional id mapping. Note that this will expose procfs and sysfs contents of the host to the guest.
+`hookscript`: `<string>` ::
+
+Script that will be exectued during various steps in the containers lifetime.
+
`hostname`: `<string>` ::
Set a host name for the container.
-`lock`: `<backup | disk | migrate | mounted | rollback | snapshot | snapshot-delete>` ::
+`lock`: `<backup | create | disk | fstrim | migrate | mounted | rollback | snapshot | snapshot-delete>` ::
Lock/unlock the VM.
Amount of RAM for the VM in MB.
-`mp[n]`: `[volume=]<volume> ,mp=<Path> [,acl=<1|0>] [,backup=<1|0>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]` ::
+`mp[n]`: `[volume=]<volume> ,mp=<Path> [,acl=<1|0>] [,backup=<1|0>] [,mountoptions=<opt[;opt...]>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]` ::
Use volume as container mount point.
Whether to include the mount point in backups (only used for volume mount points).
+`mountoptions`=`<opt[;opt...]>` ;;
+
+Extra mount options for rootfs/mps.
+
`mp`=`<Path>` ;;
Path to the mount point as seen from inside the container.
`hwaddr`=`<XX:XX:XX:XX:XX:XX>` ;;
-The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)
+A common MAC address with the I/G (Individual/Group) bit not set.
`ip`=`<(IPv4/CIDR|dhcp|manual)>` ;;
Sets the protection flag of the container. This will prevent the CT or CT's disk remove/update operation.
-`rootfs`: `[volume=]<volume> [,acl=<1|0>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]` ::
+`rootfs`: `[volume=]<volume> [,acl=<1|0>] [,mountoptions=<opt[;opt...]>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]` ::
Use volume as container root.
Explicitly enable or disable ACL support.
+`mountoptions`=`<opt[;opt...]>` ;;
+
+Extra mount options for rootfs/mps.
+
`quota`=`<boolean>` ;;
Enable user quotas inside the container (not supported with zfs subvolumes)