Specific UIDs on Unprivileged CT crashes at start

G

Giovanni

Renowned Member
Apr 1, 2009
101
5
83
Hi,

I'm following the instructions on mapping UID and GID from my proxmox host into an unprivileged container (here), I followed all the steps but I am not sure if the instructions are outdated for Debian Stretch and PVE 5.0?

On PVE host:
# useradd -u 3200 -g gmedia -M gmedia
# groupadd -g 3200 gmedia
Code: 
root@pve:~# cat /etc/subuid | grep gmedia
gmedia:3200:1
root@pve:~# cat /etc/subgid | grep gmedia
gmedia:3200:1

CT config
/etc/pve/lxc/106.conf
Code: 
root@pve:~# pct config 106
arch: amd64
cores: 6
hostname: torrent
memory: 1024
mp0: /gdata/xenu/torrentfiles,mp=/mnt/torrentfiles
mp1: /gdata/xenu/downloads,mp=/mnt/downloads
net0: name=eth0,bridge=vmbr2,hwaddr=02:05:e7:00:09:0b,ip=dhcp,type=veth
ostype: debian
rootfs: gdata-zfs:subvol-106-disk-1,size=8G
swap: 512
unprivileged: 1
lxc.id_map: u 3200 3200 1
lxc.id_map: g 3200 3200 1

error:
Code: 
root@pve:~# lxc-start -F -n 106
lxc-start: conf.c: chown_mapped_root: 3623 No mapping for container root
                                                                        lxc-start: conf.c: ttys_shift_ids: 3758 Failed to chown /dev/pts/8
 lxc-start: start.c: lxc_init: 471 Failed to shift tty into container.
                                                                      lxc-start: start.c: __lxc_start: 1329 Failed to initialize container "106".
        lxc-start: tools/lxc_start.c: main: 366 The container failed to start.
                                                                              lxc-start: tools/lxc_start.c: main: 370 Additional information can be obtained by setting the --logfile and --logpriority options.
                                                                       root@pve:~#

My goal: I am mapping /mypool/zfs/folder into an unprivileged container and I am hoping to use the same group/user IDs from the pve-host, so that folder write/access to the shares remain consistent among this container (106) as well as other CTs I am going to create with the same settings/mapping (so all containers that interact with the mount point use the same group/user and permissions)
 
Last edited:
Try changing the uid mapping in /etc/pve/lxc/106.conf to:
Code: 
# uid map: from uid 0 map 3200 uids (in the ct) to the range starting 100000 (on the host), so 0..3200 (ct) → 100000..103199 (host)
lxc.id_map = u 0 100000 3200
lxc.id_map = g 0 100000 3200

# we map 1 uid starting from uid 3200 onto 3200, so 3200 → 3200
lxc.id_map = u 3200 3200 1
lxc.id_map = g 3200 3200 1

# we map the rest of 65535 from 3201 up to 103201, so 3201..65535 → 103201..165535
lxc.id_map = u 3201 103201 62335
lxc.id_map = g 3201 103201 62335

Add this line to /etc/subuid:
Code: 
root:3200:1

Add this line to /etc/subgid:
Code: 
root:3200:1
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back