I recently updated our LXC custom template to Debian 10 Buster and started using it for new projects. While setting up MariaDB on a container using the new template I ran into the following error:

Failed to set up mount namespacing: Permission denied

After a quick google search, I found this post on the Proxmox forums. It appears that my error is a result of a bug in Debian. The full bug report is available here. The bug has already been patched but we are waiting on the upstream fix to make it to Proxmox.

Fortunately, there is a simple fix for this while we wait. The container must have “Nesting” enabled to allow MariaDB to start. The forum post I found originally stated this, but it wasn’t very clear on how to implement it. So here are the two ways to add this to a container’s profile.

Proxmox GUI

Note: You must be logged in as the root user to use this option.

To enable nesting on a container from the Proxmox management interface, navigate to the container and then go to the “Options” menu.

Then double click the “Features” line to bring up the available options for it. From that menu, enable the “Nesting” option.

Hit OK to save the changes.

Now reboot the container for the changes to apply. Once the container boots the MariaDB service will start.

Container’s Config File

Connect to the shell of the host that the container is running on. This can be done using SSH or from the Proxmox UI.

Proxmox hosts store the LXC config files in /etc/pve/lxc . The files are named using the container’s CT ID.

Open the config file that corresponds to your container. To edit the file you will require root privileges, so either change to the root user or if you have sudo setup use it. In my case, I need to change to the root user.

Add a new line at the bottom of the first block of parameters. If the container has snapshots, there may be multiple blocks of parameters. On the new line add the following text and save the file.

features: nesting=1

The final result will look something like this:

Now reboot the container. Once it has booted the MariaDB service will start.