23 lines
1.1 KiB
Markdown
23 lines
1.1 KiB
Markdown
---
|
|
id: 83f90a8e-b4a9-4858-a273-c17dd680f3a9
|
|
type: solution
|
|
title: "Proxmox API token cannot set LXC feature flags on privileged containers"
|
|
tags: [proxmox, api, lxc, permissions, homelab, fix]
|
|
importance: 0.7
|
|
confidence: 0.8
|
|
created: "2026-02-08T04:17:39.644059+00:00"
|
|
updated: "2026-03-05T03:43:52.805980+00:00"
|
|
relations:
|
|
- target: 384eebbd-a2fd-41a5-93aa-a0f8c332686d
|
|
type: BUILDS_ON
|
|
direction: incoming
|
|
strength: 0.5
|
|
- target: 0381e6a1-d6f0-4441-9911-31b633f619c3
|
|
type: RELATED_TO
|
|
direction: incoming
|
|
strength: 0.65
|
|
edge_id: 0db54077-d3d5-4d21-b4a1-122c08b79146
|
|
---
|
|
|
|
The Proxmox API token (even root@pam\!tokenname) cannot set feature flags like nesting=1,keyctl=1 on privileged LXC containers. Error: '403 Forbidden: Permission check failed (changing feature flags for privileged container is only allowed for root@pam)'. Workaround: Use SSH to Proxmox host and run pct create directly instead of the API. The pct CLI running as root@pam has full permissions. This affects the proxmox_client.py create_container method when passing features parameter.
|