[SOLVED] Reset UID/GID mappings

U

uruloki01

New Member
Jun 28, 2020
1
0
1
64
I have been trying to work my way through using bind mounts in unprivileged containers (https://pve.proxmox.com/wiki/Unprivileged_LXC_containers#Using_local_directory_bind_mount_points). Since I have been unable to get it to work, I tried resetting everything to try again to the point of wiping out my containers and clearing out /etc/subuid and /etc/subgid. Now, I can't make any containers.

Code: 
  Logical volume "vm-101-disk-0" created.
mke2fs 1.44.5 (15-Dec-2018)
Discarding device blocks:    4096/3932160               done                           
Creating filesystem with 3932160 4k blocks and 983040 inodes
Filesystem UUID: 00d81563-4df1-41dc-a619-0fea5f3db505
Superblock backups stored on blocks:
    32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208

Allocating group tables:   0/120       done                           
Writing inode tables:   0/120       done                           
Creating journal (16384 blocks): done
Multiple mount protection is enabled with update interval 5 seconds.
Writing superblocks and filesystem accounting information:   0/120       done

extracting archive '/var/lib/vz/template/cache/ubuntu-20.04-standard_20.04-1_amd64.tar.gz'
lxc 20200628201057.948 ERROR    conf - conf.c:lxc_map_ids:2779 - newuidmap failed to write mapping "newuidmap: uid range [0-65536) -> [100000-165536) not allowed": newuidmap 27570 0 100000 65536
Failed to write id mapping for child process
lxc 20200628201057.948 ERROR    utils - utils.c:lxc_switch_uid_gid:1341 - Invalid argument - Failed to switch to gid 0
  Logical volume "vm-101-disk-0" successfully removed
TASK ERROR: unable to create CT 101 - command 'lxc-usernsexec -m u:0:100000:65536 -m g:0:100000:65536 -- tar xpf - -z --totals --one-file-system -p --sparse --numeric-owner --acls --xattrs '--xattrs-include=user.*' '--xattrs-include=security.capability' '--warning=no-file-ignored' '--warning=no-xattr-write' -C /var/lib/lxc/101/rootfs --skip-old-files --anchored --exclude './dev/*'' failed: exit code 1

Where is the mapping coming from that is trying to change 27570?
What are the default values for /etc/subuid and /etc/subgid? I have tried with blank and with root:1000:1 in them.
 
Hi,
seems like it ends up using the process ID for some reason if there is no /etc/sub{g,u}id file.
The default content in both files is:
Code: 
root:100000:65536

EDIT: It's not actually trying to use the process ID as part of the mapping, that's just log information. When /etc/subuid is empty or doesn't allow the range LXC wants to map (i.e. 100000 to 165535), then of course LXC fails.
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back