Permissions with migrated LVM volume

P

pgcudahy

Member
Jan 14, 2023
9
0
6
Hello, I previously had a samba server for timemachine backups hosted on a raspberry pi that I'd like to now migrate to my proxmox server. The raspberry pi data was on a usb disk formatted as LVM. I exported the drive with vgexport and then it was automatically recognized by proxmox and I could mount it to my unprivileged LXC container (turnkey fileserver) by running sudo pct set 101 -mp0 /dev/backupVG/backupLV,mp=/mnt/backup. The files are all there but the ownership and permissions are not right.

On the Pi I had /mnt/backup owned by the pi user, but then there were folders for the backups owned by other users that backed up their computers to the pi, eg, I had a user "pgcudahy" that owned /mnt/backup/pgcudahy. Now on the proxmox LXC container I get

Code: 
root@fileserver /mnt/backup# ls -lh /mnt/backup
total 4.0K
drwxrwsr--  5 nobody nogroup 4.0K Jan 14 12:02 pgcudahy
root@fileserver /mnt/backup# ls -lh /mnt/backup/pgcudahy
ls: cannot access '/mnt/backup/pgcudahy/MacbookServer.sparsebundle': Permission denied
ls: cannot access '/mnt/backup/pgcudahy/Patrick'$'\342\200\231''s MacBook Air (331).sparsebundle': Permission denied
total 0
d????????? ? ? ? ?            ?  MacbookServer.sparsebundle
d????????? ? ? ? ?            ? 'Patrick'$'\342\200\231''s MacBook Air (331).sparsebundle'

And when I try and run chown on /mnt/backup/pgcudahy, I get chown: changing ownership of '/mnt/backup/pgcudahy': Operation not permitted

How can I fix these ownership issues? I've tried following https://pve.proxmox.com/wiki/Unprivileged_LXC_containers but get confused. I have a user 'pgcudahy' on the host with a UID of 1000. Am I trying to map the container UID 0 to the host UID of 1000? I modified /etc/pve/lxc/101.conf with
Code: 
lxc.idmap: u 0 100000 1000
lxc.idmap: g 0 100000 1000
lxc.idmap: u 1000 101000 1
lxc.idmap: g 1000 101000 1
lxc.idmap: u 1001 101001 64530
lxc.idmap: g 1001 101001 64530
/etc/subuid with "root:1000:1", and /etc/subgid with "root:1000:1" under that assumption but no change. The guide also recommends running chown -R 1005:1005 /mnt/bindmounts/shared but I also don't know how to change the owner of the lvm volume on the host since /dev/backupVG/backupLV isn't mounted on the host.
 
Last edited:
Hi,
while the container is down, you can use pct mount <ID> to mount it in /var/lib/lxc/<ID>/rootfs on the host. Then you can go there, check the current owner. Is it 1000 on the host? To unmount it, use pct unmount <ID>.

Now, you can either:
  • chown to an ID in the container's range starting from 100000, i.e. add the user ID for the user in the container that should own the files.
  • Make the host user ID that is currently owning the files available in the container via mapping (assuming it's 1000 on the host)
    Code: 
    lxc.idmap: u 0 100000 1000
lxc.idmap: g 0 100000 1000
lxc.idmap: u 1000 1000 1
lxc.idmap: g 1000 1000 1
lxc.idmap: u 1001 101001 64535
lxc.idmap: g 1001 101001 64535
    This maps the container user ID 1000 to host user ID 1000, while mapping all other IDs as before.
 
You must log in or register to reply here.
Top Bottom