Proxmox Container Toolkit
=========================
include::attributes.txt[]
+:pve-toplevel:
endif::manvolnum[]
ifdef::wiki[]
-:pve-toplevel:
:title: Linux Container
endif::wiki[]
kernel security bug rather than an LXC issue. The LXC team thinks
unprivileged containers are safe by design.
+
+Guest Operating System Configuration
+------------------------------------
+
+We normally try to detect the operating system type inside the
+container, and then modify some files inside the container to make
+them work as expected. Here is a short list of things we do at
+container startup:
+
+set /etc/hostname:: to set the container name
+
+modify /etc/hosts:: to allow lookup of the local hostname
+
+network setup:: pass the complete network setup to the container
+
+configure DNS:: pass information about DNS servers
+
+adapt the init system:: for example, fix the number of spawned getty processes
+
+set the root password:: when creating a new container
+
+rewrite ssh_host_keys:: so that each container has unique keys
+
+randomize crontab:: so that cron does not start at the same time on all containers
+
+Changes made by {PVE} are enclosed by comment markers:
+
+----
+# --- BEGIN PVE ---
+<data>
+# --- END PVE ---
+----
+
+Those markers will be inserted at a reasonable location in the
+file. If such a section already exists, it will be updated in place
+and will not be moved.
+
+Modification of a file can be prevented by adding a `.pve-ignore.`
+file for it. For instance, if the file `/etc/.pve-ignore.hosts`
+exists then the `/etc/hosts` file will not be touched. This can be a
+simple empty file creatd via:
+
+ # touch /etc/.pve-ignore.hosts
+
+Most modifications are OS dependent, so they differ between different
+distributions and versions. You can completely disable modifications
+by manually setting the `ostype` to `unmanaged`.
+
+OS type detection is done by testing for certain files inside the
+container:
+
+Ubuntu:: inspect /etc/lsb-release (`DISTRIB_ID=Ubuntu`)
+
+Debian:: test /etc/debian_version
+
+Fedora:: test /etc/fedora-release
+
+RedHat or CentOS:: test /etc/redhat-release
+
+ArchLinux:: test /etc/arch-release
+
+Alpine:: test /etc/alpine-release
+
+Gentoo:: test /etc/gentoo-release
+
+NOTE: Container start fails if the configured `ostype` differs from the auto
+detected type.
+
+
[[pct_configuration]]
Configuration
-------------
time stamp (Unix epoch).
-Guest Operating System Configuration
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-We normally try to detect the operating system type inside the
-container, and then modify some files inside the container to make
-them work as expected. Here is a short list of things we do at
-container startup:
-
-set /etc/hostname:: to set the container name
-
-modify /etc/hosts:: to allow lookup of the local hostname
-
-network setup:: pass the complete network setup to the container
-
-configure DNS:: pass information about DNS servers
-
-adapt the init system:: for example, fix the number of spawned getty processes
-
-set the root password:: when creating a new container
-
-rewrite ssh_host_keys:: so that each container has unique keys
-
-randomize crontab:: so that cron does not start at the same time on all containers
-
-Changes made by {PVE} are enclosed by comment markers:
-
-----
-# --- BEGIN PVE ---
-<data>
-# --- END PVE ---
-----
-
-Those markers will be inserted at a reasonable location in the
-file. If such a section already exists, it will be updated in place
-and will not be moved.
-
-Modification of a file can be prevented by adding a `.pve-ignore.`
-file for it. For instance, if the file `/etc/.pve-ignore.hosts`
-exists then the `/etc/hosts` file will not be touched. This can be a
-simple empty file creatd via:
-
- # touch /etc/.pve-ignore.hosts
-
-Most modifications are OS dependent, so they differ between different
-distributions and versions. You can completely disable modifications
-by manually setting the `ostype` to `unmanaged`.
-
-OS type detection is done by testing for certain files inside the
-container:
-
-Ubuntu:: inspect /etc/lsb-release (`DISTRIB_ID=Ubuntu`)
-
-Debian:: test /etc/debian_version
-
-Fedora:: test /etc/fedora-release
-
-RedHat or CentOS:: test /etc/redhat-release
-
-ArchLinux:: test /etc/arch-release
-
-Alpine:: test /etc/alpine-release
-
-Gentoo:: test /etc/gentoo-release
-
-NOTE: Container start fails if the configured `ostype` differs from the auto
-detected type.
-
-
[[pct_options]]
Options
~~~~~~~
attempt with `pct start`, you need to run `pct start` at least once to also
update the configuration used by `lxc-start`.
+Locks
+-----
-Files
-------
+Container migrations, snapshots and backups (`vzdump`) set a lock to
+prevent incompatible concurrent actions on the affected container. Sometimes
+you need to remove such a lock manually (e.g., after a power failure).
-`/etc/pve/lxc/<CTID>.conf`::
+ pct unlock <CTID>
-Configuration file for the container '<CTID>'.
+CAUTION: Only do that if you are sure the action which set the lock is
+no longer running.
Container Advantages
ifdef::manvolnum[]
+
+Files
+------
+
+`/etc/pve/lxc/<CTID>.conf`::
+
+Configuration file for the container '<CTID>'.
+
+
include::pve-copyright.adoc[]
endif::manvolnum[]
projects / pve-docs.git / blobdiff