https://forum.proxmox.com/threads/tun-devices-in-ve-4-lxc.23473/
To enable the tun/tap interface in a lxc container – eg. for Openvpn – one needs to edit the lxc configuration file.
Its default location for all containers is:
/etc/lxc/default.conf
and you have to add:
lxc.cgroup.devices.allow = c 10:200 rwm
This works in Proxmox 4.2, too.
note: be aware that the config file above applies to all lxc container on the host, if you want a more fine grained control edit /etc/pve/lxc/<ID>/<ID>.conf for Proxmox, or /var/lib/lxc/<container>/config for plain lxc.
To actually use a tun/tap device it must be created inside the container on every boot, so add the following to your/etc/rc.local inside your container:
if ! [ -c /dev/net/tun ]; then mkdir -p /dev/net mknod -m 666 /dev/net/tun c 10 200 fi
thats it!
============================
WoJ 2016-04-19 at 7:27 pm Reply
This has changed in the latest versions. Now one must use “lxc config” and “lxc profile” to make the changes (lxc.conf does not exist anymore)
Felix Brucker 2016-04-19 at 9:24 pm Reply
thanks for the heads up, the file can still be used though, it might just not be created by default
br
Comments NOTHING