Acl and LXC container [SOLVED]

I was trying to setup deployer based on this guide.

I keep getting,

setfacl: bootstrap/cache: Operation not supported

Upon investigating for solutions I came across this .
The result of
mount | grep acl


lxd/containers/dev0 on / type zfs (rw,relatime,xattr,noacl)

Does that mean acl is not supported inside containers ?
Could this be the issue with setfacl not being supported.

I am still looking to see if it could be an issue with permissions.

Found the problem. Zfs by default does not allow acl. At least the setfacl part.

Upon researching some more I came across this post by @stgraber on github. The post is back from 2016 but there could still be potential problems with acl + zfs and the solution I am posting should not be used for data-sensitive situations until @stgraber clears it.


zfs list

on your server to list all container names.

You should see something like this :


To allow acl in zfs file system of one of your containers one can use :

zfs set acltype=posixacl lxd/containers/X

where X is the name of your container.

Restart your container.

Check acl presence using :
mount | grep acl

Mine showed :
lxd/containers/dev0 on / type zfs (rw,relatime,xattr,posixacl)

This can also be set to default using the following command.

sudo zfs set acltype=posixacl lxd/containers

1 Like

This is fine, LXD actually does set those attributes for you in new storage pools.