uid mappings

  1. K

    Introduce new mapping for each unprivileged container

    Hello, I'd like to set up a collection of unprivileged containers, each with access to a different ZFS dataset. Since the default mapping between host and container UID/GID is always the same, this seems to introduce a security risk. If a container is compromised, the attacker could access all...
  2. P

    UID and GID mapping - LXC, OMV and Host

    Hello, The last weeks/months I've read a lot of posts regarding this issue, but I still haven't figured it out how to solve it. I'm running Proxmox with one LXC containter. I also have one external NAS running OMV. I want that a specific user in the LXC contaner should have write permissions...
  3. B

    Unprivileged_LXC_containers bind mounts

    Hey there, I try to pass a NFS folder from a NAS through the pve into an container. I'm able to acces the folder on the host (and edit it) but in my Container I just can see it but get the notorious acces denied error. I was using this as a guide on how to set things up. From what I read around...
  4. E

    Help needed with UID remapping for bind mounts

    After remapping UID, my container errors out during reboot. I got the following error message: lxc_map_ids: 3701 newuidmap failed to write mapping "newuidmap: uid range [0-3002) -> [100000-103002) not allowed": newuidmap 1395810 0 100000 3002 3002 3002 1 3003 103003 62533 lxc_spawn: 1788 Failed...
  5. S

    uid/gid allocation for nested LXD in unprivileged container

    Hi everyone, I am trying to configure Gitlab runners with custom LXD executors inside proxmox's LXC container. Basically, I want to be able to spin-up LXC containers inside Proxmox's unprivileged LXC container. I did the following: 1. Created unprivileged Ubuntu 22.04 LXC container with...
  6. P

    How to share bulk storage across guests using Samba or mount points?

    I've setup my hardware storage layer using LVM/LVM thin, and now I'm trying to figure out how to share bulk storage across guests (e.g. between a Debian server and a Jellyfin container) in such a way that it's not included in container back-ups. I've found two approaches: 1. Samba on Proxmox...
  7. B

    [TUTORIAL] Bind Mount: LXC UID Mappings with multiple Containers

    Hi, While researching this I stumbled up on an older thread discussing bind mounts to Linux Containers and UID/GID mapping here. The unanswered question @John Driessen asked can't get out of my head: Normally when we think about unprivileged LXC it's ID on host = ID on guest + 100 000. But...
  8. D

    Accessing files from Host in CT

    Hey, I'm new to Proxmox. I want to setup a Nextcloud in a Ubuntu Container and want to use a ZFS dataset that is mounted on the HOST under /media/nextcloud/. Before, I did not use Proxmox and just had Ubuntu installed on the machine directly and used this dataset to store all nextcloud data...
  9. P

    Help with UID/GID Mapping Between CTs

    I'm having some trouble mapping the UID/GIDs between two LXC containers: plex and deluge. Here are the configs: Plex CT: # UID mapping, plex uid is 998 lxc.idmap: u 0 100000 998 lxc.idmap: u 998 1234 1 lxc.idmap: u 999 100999 63536 # GID mapping, plex gid is 998 lxc.idmap: g 0 100000 998...
  10. N

    [SOLVED] Problems migrating LXC from Ubuntu2004 to Proxmox

    Hey guys! I recently started using Proxmox and I am really happy with it. Thanks for the great work so far! I tried to migrate some of my LXCs from Ubuntu 2004 to Proxmox 7.1 but I am having problems with the UID/GID mapping. What I did so far: 1. I mounted the LXC storage of my Ubuntu...
  11. E

    idmap of roots

    Hello, I can't find anywhere how to idmap root in the host with root in a container. I do not have other users at the moment. Root uid and gid is 0 and all example expect some number which makes it confusing. Can somebody help? Regards Here is what I have: /etc/pve/lxc/101.conf: arch: amd64...
  12. V

    Lxc with mount folder and no permissions to write files

    Hello guys, i create a mount for my external USB Hard drive, add mapping in the container config file like this: mp0: /home/nextcloud, mp=/home/nextcloud After restart my Container with ID 600, i can access into /home/nextcloud and see files in folder but i cant create files. I think its...
  13. T

    [SOLVED] How to use UIDs/GIDs higher than 65535 in CT (LXC)

    Hi all, I have an application that requires to use uid/gids starting from 70000 (http://vmm.localdomain.org/) but that seems to be not possible if you use unprivileged CTs. Is there any way of doing this? Thanks, Antonio Huete
  14. M

    [SOLVED] LXC Container bind mount: map all uid/gid to a single uid/gid on the host

    Hello, I have trouble to access a bind mount from inside the container and Im unsure, how to solve it. The container is created unprivileged and contains a Ubuntu 18.04. Each file that is created inside the container, should have uid=1197 and gid=1000 on the host. I created two bind mounts...
  15. G

    Need extra range for uid in unprivileged lxc containers

    Hi, I need to allow some bigger uid than the default one (65536) in LXC containers (eg. mine is >72000 and new users are >120000 in the LDAP). As i understand lxc.idmap definition (in UID MAPPINGS section of linux.container manpage), these lines (in /etc/pve/local/lxc/2100.conf file) should...
  16. M

    LXC UID/GID Mappings

    I can't get this container to run properly when the mappings are 200000. The container will start but I'm unable to login or access ssh. However, without the mappings the container runs fine. I can't figure out why I can't use another range for this container. I have also added the range in both...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!