[SOLVED] Error when attempting to create new Containers

[Furyio]

Hi all,
Very new to proxmox, only built a new server using it this weekend while a bit challenging in parts very enjoyable.

I seem to be having an issue however with being unable to create containers manually, I receive the below error

Formatting '/var/lib/vz/images/106/vm-106-disk-0.raw', fmt=raw size=8589934592 preallocation=off
Creating filesystem with 2097152 4k blocks and 524288 inodes
Filesystem UUID: a64e14f2-e999-4bfc-bf2b-72b90c09d237
Superblock backups stored on blocks:
    32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632
extracting archive '/var/lib/vz/template/cache/debian-12-standard_12.2-1_amd64.tar.zst'
lxc 20240220115043.133 ERROR    conf - ../src/lxc/conf.c:lxc_map_ids:3701 - newuidmap failed to write mapping "newuidmap: uid range [0-65536) -> [100000-165536) not allowed": newuidmap 869786 0 100000 65536
Failed to write id mapping for child process
lxc 20240220115043.133 ERROR    utils - ../src/lxc/utils.c:lxc_drop_groups:1365 - Operation not permitted - Failed to drop supplimentary groups
lxc 20240220115043.133 ERROR    utils - ../src/lxc/utils.c:lxc_switch_uid_gid:1340 - Invalid argument - Failed to switch to gid 0
TASK ERROR: unable to create CT 106 - command 'lxc-usernsexec -m u:0:100000:65536 -m g:0:100000:65536 -- tar xpf - --zstd --totals --one-file-system -p --sparse --numeric-owner --acls --xattrs '--xattrs-include=user.*' '--xattrs-include=security.capability' '--warning=no-file-ignored' '--warning=no-xattr-write' -C /var/lib/lxc/106/rootfs --skip-old-files --anchored --exclude './dev/*'' failed: exit code 1

I have been using scripted installation methods (ttek scripts) which have worked fine and how I had containers created, but I want to start exploring creating my own and installing apps etc.

I feel it may be related to some files I changed when trying to get containers to be privelaged?

I followed the steps here
https://pve.proxmox.com/wiki/Unprivileged_LXC_containers

And feel like either the change I made is causing this or did not do it correctly.

 

[leesteken]

lxc 20240220115043.133 ERROR conf - ../src/lxc/conf.c:lxc_map_ids:3701 - newuidmap failed to write mapping "newuidmap: uid range [0-65536) -> [100000-165536) not allowed": newuidmap 869786 0 100000 65536
Failed to write id mapping for child process

Maybe you need to edit /etc/subuid and /etc/subgid to allow for mapping users and groups? Usually they both contain root:100000:65536 as set by the Proxmox installer.

 

[Furyio]

Maybe you need to edit /etc/subuid and /etc/subgid to allow for mapping users and groups? Usually they both contain root:100000:65536 as set by the Proxmox installer.

Yeah if I am honest with myself I am not sure what I went and changed when I was trying to solve a previous issue (allowing containers write to a zpool).

So I might need to work out how to revert my changes back to default. It was late saturday night and i was getting frustrated so didn't really take note of what I was doing

subuid contains

root:1005:1

subgid contains

root:1005:1

Which I believe was in the guide link I put above

 

[leesteken]

subuid contains

root:1005:1

subgid contains

root:1005:1

Which I believe was in the guide link I put above

The guide suggest adding those lines (for each ID that you want to map from the host) but you should never remove the root:100000:65536 lines added by Proxmox.

 

[Furyio]

The guide suggest adding those lines (for each ID that you want to map from the host) but you should never remove the root:100000:65536 lines added by Proxmox.

OK cool thanks. I have reverted the file and will test now

 

[Furyio]

Thank you very much for your help, this looks to be working now