Permissions with migrated LVM volume

[pgcudahy]

Hello, I previously had a samba server for timemachine backups hosted on a raspberry pi that I'd like to now migrate to my proxmox server. The raspberry pi data was on a usb disk formatted as LVM. I exported the drive with vgexport and then it was automatically recognized by proxmox and I could mount it to my unprivileged LXC container (turnkey fileserver) by running sudo pct set 101 -mp0 /dev/backupVG/backupLV,mp=/mnt/backup. The files are all there but the ownership and permissions are not right.

On the Pi I had /mnt/backup owned by the pi user, but then there were folders for the backups owned by other users that backed up their computers to the pi, eg, I had a user "pgcudahy" that owned /mnt/backup/pgcudahy. Now on the proxmox LXC container I get

root@fileserver /mnt/backup# ls -lh /mnt/backup
total 4.0K
drwxrwsr--  5 nobody nogroup 4.0K Jan 14 12:02 pgcudahy
root@fileserver /mnt/backup# ls -lh /mnt/backup/pgcudahy
ls: cannot access '/mnt/backup/pgcudahy/MacbookServer.sparsebundle': Permission denied
ls: cannot access '/mnt/backup/pgcudahy/Patrick'$'\342\200\231''s MacBook Air (331).sparsebundle': Permission denied
total 0
d????????? ? ? ? ?            ?  MacbookServer.sparsebundle
d????????? ? ? ? ?            ? 'Patrick'$'\342\200\231''s MacBook Air (331).sparsebundle'

And when I try and run chown on /mnt/backup/pgcudahy, I get chown: changing ownership of '/mnt/backup/pgcudahy': Operation not permitted

How can I fix these ownership issues? I've tried following https://pve.proxmox.com/wiki/Unprivileged_LXC_containers but get confused. I have a user 'pgcudahy' on the host with a UID of 1000. Am I trying to map the container UID 0 to the host UID of 1000? I modified /etc/pve/lxc/101.conf with

lxc.idmap: u 0 100000 1000
lxc.idmap: g 0 100000 1000
lxc.idmap: u 1000 101000 1
lxc.idmap: g 1000 101000 1
lxc.idmap: u 1001 101001 64530
lxc.idmap: g 1001 101001 64530

/etc/subuid with "root:1000:1", and /etc/subgid with "root:1000:1" under that assumption but no change. The guide also recommends running chown -R 1005:1005 /mnt/bindmounts/shared but I also don't know how to change the owner of the lvm volume on the host since /dev/backupVG/backupLV isn't mounted on the host.

 

[fiona]

Hi,
while the container is down, you can use pct mount <ID> to mount it in /var/lib/lxc/<ID>/rootfs on the host. Then you can go there, check the current owner. Is it 1000 on the host? To unmount it, use pct unmount <ID>.

Now, you can either:

• chown to an ID in the container's range starting from 100000, i.e. add the user ID for the user in the container that should own the files.
• Make the host user ID that is currently owning the files available in the container via mapping (assuming it's 1000 on the host)

  lxc.idmap: u 0 100000 1000
  lxc.idmap: g 0 100000 1000
  lxc.idmap: u 1000 1000 1
  lxc.idmap: g 1000 1000 1
  lxc.idmap: u 1001 101001 64535
  lxc.idmap: g 1001 101001 64535

  This maps the container user ID 1000 to host user ID 1000, while mapping all other IDs as before.
  

 

[pgcudahy]

Perfect, thanks