Search results for query: idmap

...it is mounted has a normal mount point setup: mp0: /mnt/ncshare/,mp=/mnt/ncshare/ then the container has uid/gid remapping configured: lxc.idmap: u 0 100000 1005 lxc.idmap: g 0 100000 1005 lxc.idmap: u 1005 1005 1 lxc.idmap: g 1005 1005 1 lxc.idmap: u 1006 101006 64530 lxc.idmap: g 1006...

Hello, I have an unprivileged lcx container where I changed the UID mapping in the file /etc/pve/lxc/101.conf. The file looks like this now: While I managed to get access to the mounted folder I was aiming for, I can't run any su command. I can't even change user with su - user. When I try to...

...none bind,optional,create=dir lxc.cgroup2.devices.allow: c 116:* rwm lxc.mount.entry: /dev/snd dev/snd none bind,optional,create=dir lxc.idmap: u 0 100000 65536 lxc.idmap: g 0 100000 5 lxc.idmap: g 5 5 1 lxc.idmap: g 6 100006 23 lxc.idmap: g 29 29 1 lxc.idmap: g 30 100030 14 I found...

.../ssh_key.pub # to add permissions mapping for nvidia video devices LXC_CONF_FILE="/etc/pve/nodes/proxmox/lxc/$vmid.conf" echo "lxc.idmap: u 0 100000 65536" >> "$LXC_CONF_FILE" echo "lxc.idmap: g 0 100000 44" >> "$LXC_CONF_FILE" echo "lxc.idmap: g 44 44 1" >> "$LXC_CONF_FILE" echo "lxc.idmap...

Try running this command in the lxc instead /usr/lib/jellyfin-ffmpeg/vainfo --display drm --device /dev/dri/renderD128 & This /usr/lib/jellyfin-ffmpeg/ffmpeg -v verbose -init_hw_device vaapi=va:/dev/dri/renderD128 -init_hw_device opencl@va

Using this lxc-idmap tool I was able to confirm the correctness of my configuration. However, I tried and the container starts fine but it seems like it doesn't have full root access to the renderD128 device and the following command: # vainfo --display drm --device /dev/dri/renderD128 fails...

...c 226:0 rwm lxc.cgroup2.devices.allow: c 226:128 rwm lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file lxc.idmap: u 0 100000 65536 lxc.idmap: g 0 100000 44 lxc.idmap: g 44 44 1 lxc.idmap: g 45 100045 62 lxc.idmap: g 107 104 1 lxc.idmap: g 108 100108 65428...

can youls -l /dev/dri and tell us what the output is

Hey sorry for the late reply, This looks like it would be ok. Does everything seem to be working in order? I think this line lxc.idmap: g 45 100045 61 you would have to put either 62 or 60 instead of 61 if it wasnt working for you

...none bind,optional,create=file. Removing this line from 101.conf enables the container to start normally. My 101.conf looks like this: lxc.idmap: u 0 100000 65536 lxc.idmap: g 0 100000 44 lxc.idmap: g 44 44 1 lxc.idmap: g 104 104 1 lxc.cgroup2.devices.allow: c 226:1 rwm...

...226, 128 Aug 20 23:32 renderD128 # cat /etc/group video:x:44 render:x:103 Is the following OK? # nano /etc/pve/lxc/<lxc_id>.conf lxc.idmap: u 0 100000 65536 lxc.idmap: g 0 100000 44 lxc.idmap: g 44 44 1 lxc.idmap: g 45 100045 61 lxc.idmap: g 106 103 1 lxc.idmap: g 107 100107 65429...

...on your host id are 44 and 104 and the uid and gid of video and render on the lxc are 44 and 106 that you do this instead to your lxc.conf lxc.idmap: u 0 100000 65536 lxc.idmap: g 0 100000 44 lxc.idmap: g 44 44 1 lxc.idmap: g 45 100045 61 lxc.idmap: g 106 104 1 lxc.idmap: g 107 100107 65429...

...the uid or gid the output is flipped. For example ill fill out 104 for the host id and 106 for the client id but the output will show this lxc.idmap: u 0 100000 104 lxc.idmap: g 0 100000 104 lxc.idmap: u 104 106 1 lxc.idmap: g 104 106 1 lxc.idmap: u 105 100105 65431 lxc.idmap: g 105 100105...

...a feeling LXC just do not get permissions to access shares, like the node, although it must have these permissions to do so. Hence, I blame idmap or something related with that. ls -l result makes me believe that something went wrong in last step NODE -> LXC, but not NAS -> NODE or NAS ->...

I myself dropped idmap at some point. Your main problem is most likely the Synology's NFS share. This can easily be overlooked in the heat of the moment. On the host itself I use something like async,rw,all_squash,anonuid=0,anongid=1300,no_subtree_check (Attention, I use this behind a WireGuard...

...ostype: debian rootfs: local-lvm:vm-100-disk-0,size=16G swap: 512 unprivileged: 1 lxc.idmap: u 0 100000 1000 lxc.idmap: g 0 100000 1000 lxc.idmap: u 1000 1001 1 lxc.idmap: g 1000 1001 1 lxc.idmap: u 1001 101001 64535 lxc.idmap: g 1001 101001 64535 /etc/subgid root:100000:65536...

...512 unprivileged: 1 # uid map: from uid 0 map 1005 uids (in the ct) to the range starting 100000 (on the host), so 0..1004 (ct) → 100000> lxc.idmap = u 0 100000 1005 lxc.idmap = g 0 100000 1005 # we map 1 uid starting from uid 1005 onto 1005, so 1005 → 1005 lxc.idmap = u 1005 1005 1 lxc.idmap...

...marios:x:1000: /etc/passwd marios:x:1000:1000::/home/marios:/bin/sh The tool generates the following: 1. Add to /etc/pve/lxc/%id%.conf: lxc.idmap: u 0 100000 44 lxc.idmap: g 0 100000 44 lxc.idmap: u 44 44 1 lxc.idmap: g 44 44 1 lxc.idmap: u 45 100045 60 lxc.idmap: g 45 100045 60 lxc.idmap...

...ostype: debian rootfs: pve-shared:103/vm-103-disk-0.raw,size=128G swap: 512 unprivileged: 1 lxc.idmap: u 0 100000 7000 lxc.idmap: g 0 100000 7000 lxc.idmap: u 7000 7000 1 lxc.idmap: g 7000 7000 1 lxc.idmap: u 7001 107001 58535 lxc.idmap: g 7001 107001 58535 root@pvex01:~# cat /etc/subuid...

...onboot: 1 ostype: debian rootfs: thinpool_vms:vm-201-disk-0,size=300G swap: 512 unprivileged: 1 lxc.idmap: u 0 100000 1010 lxc.idmap: g 0 100000 44 lxc.idmap: g 44 44 1 lxc.idmap: g 45 100045 60 lxc.idmap: g 105 103 1 lxc.idmap: g 106 100106 904 lxc.idmap: u 1010 1010 10 lxc.idmap: g 1010...