Description
Seems like you cannot remount /proc (anymore? never could? unsure) for LXC containers, at least in some cases.
It is persistently failing with the following error here (Ubuntu 22.04 inside Proxmox 8.2, kernel is 6.8.4):
    TASK [devsec.hardening.os_hardening : Set option hidepid for proc filesystem] ***************************************
    fatal: [quic-tests-lon1]: FAILED! => changed=false
      ansible_facts:
        discovered_interpreter_python: /usr/bin/python3
      msg: |-
        Error mounting /proc: umount: /proc: target is busy.
Solution
I would have filed it as a bug report, but given #460 (comment), I believe it might be better to allow leaving /proc as-is in general.
Allowing to skip it altogether also happens to match the similar toggles like os_mnt_boot_enabled, os_mnt_home_enabled, os_mnt_var_enabled, etc.
Alternatives
Figuring out whether it is intended for /proc to be remountable on LXC in the first place, and if yes, finding the culprit between the kernel, Proxmox, Ubuntu, and the AppArmor profiles of the host and guest... all for rather minimal value.
Additional information
I'm willing to make the PR for this feature to happen
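
A read-only check related to the request above, added here as an example and not taken from the os_hardening role: it reports the hidepid mode currently applied to /proc and whether the host is an LXC guest, so an operator can see the state before deciding to skip the remount. The function names are hypothetical, the sample input is constructed, and LXC detection assumes `container=lxc` is present in PID 1's environment.

```python
# Added example: read-only look at /proc's hidepid state; nothing is remounted.
# hidepid is printed as a number by older kernels and as a name since Linux 5.8.
HIDEPID_NAMES = {"0": "off", "1": "noaccess", "2": "invisible", "4": "ptraceable"}

# Constructed sample input (not taken from the reporter's host).
SAMPLE_MOUNTS = """\
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
lxcfs /proc/cpuinfo fuse.lxcfs rw,nosuid,nodev,relatime,user_id=0,allow_other 0 0
"""
SAMPLE_ENVIRON = b"container=lxc\0container_ttys=/dev/pts/1\0"


def proc_hidepid(mounts_text):
    """Return the hidepid mode of the proc mount on /proc, or None if absent.

    mounts_text uses the /proc/mounts layout:
    device mountpoint fstype options dump pass
    """
    mode = None
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[1] != "/proc" or fields[2] != "proc":
            continue  # ignores nested mounts such as /proc/cpuinfo
        mode = "off"  # the option is omitted from the list when hidepid is off
        for opt in fields[3].split(","):
            key, _, value = opt.partition("=")
            if key == "hidepid":
                mode = HIDEPID_NAMES.get(value, value)  # numeric -> name
    return mode


def in_lxc(init_environ):
    """True when PID 1's environment (bytes of /proc/1/environ) has container=lxc."""
    return b"container=lxc" in init_environ.split(b"\0")


def audit(mounts_text, init_environ):
    """Summarize the current state without touching the mount."""
    mode = proc_hidepid(mounts_text)
    return {"hidepid": mode, "lxc": in_lxc(init_environ),
            "pids_hidden": mode in ("invisible", "ptraceable")}


if __name__ == "__main__":
    print("sample:", audit(SAMPLE_MOUNTS, SAMPLE_ENVIRON))
    try:  # live check; /proc/1/environ is normally readable by root only
        with open("/proc/mounts") as m, open("/proc/1/environ", "rb") as e:
            print("live:  ", audit(m.read(), e.read()))
    except OSError as err:
        print("live check skipped:", err)
```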