“EPERM: Operation not permitted.” when adding bind mount as datastore

norbo80

Jan 13, 2024
Hello,

I had Proxmox Backup Server (PBS) installed bare metal with Proxmox Virtual Environment (PVE). Following advice from fellow Redditors, I decided to set up PBS within an LXC container. During my initial installation, I had a ZFS pool on an external HDD. Now, I’ve imported the Zpool into PVE using the command

zpool import BackupHDD -f
then I added mp0: /mnt/BackupHDD,mp=/mnt/BackupHDD to /etc/pve/lxc/101.conf (binding)

Now I can see my files from external HDD in /mnt/BackupHDD on the LXC container. However, when I try to add /mnt/BackupHDD as a datastore in PBS, I receive the error message: “EPERM: Operation not permitted.”

Here are some details:

  • The permissions on the host for /mnt/BackupHDD: owned by nobody:nogroup.
  • The LXC container is not locked.
  • Container is unprivileged

I also tried adding this to /etc/pve/lxc/101.conf:

lxc.idmap: u 0 100000 1005
lxc.idmap: g 0 100000 1005

But I'm not sure if I did this correctly.


/etc/pve/lxc/101.conf

Code:
arch: amd64
cores: 2
features: nesting=1
hostname: pbs
memory: 2048
mp0: /mnt/datastore/BackupHDD,mp=/mnt/BackupHDD
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.250.1,hwaddr=BC:24:11:D2:62:CC,ip>
ostype: debian
rootfs: local-lvm:vm-101-disk-0,size=16G
swap: 2048
unprivileged: 1
lxc.idmap: u 0 100000 1005
lxc.idmap: g 0 100000 1005


Code:
root@pve:/mnt/datastore/BackupHDD# ls -l
total 6
drwxr-xr-x 4 backup backup    4 Feb 12 20:31 ct
drwxr-xr-x 2 root   root      3 Feb 10 18:04 hostbackup
-rw-r--r-- 1 root   root   1444 Feb 10 18:03 hostbackuppve-root-backup-2024_02_10.tar.gz

root@pve:/mnt/datastore/BackupHDD# id backup
uid=34(backup) gid=34(backup) groups=34(backup)
root@pve:/mnt/datastore/BackupHDD# id root
uid=0(root) gid=0(root) groups=0(root)

PBS:

root@pbs:/mnt/BackupHDD# ls -l
total 6
drwxr-xr-x 4 nobody nogroup    4 Feb 12 19:31 ct
drwxr-xr-x 2 nobody nogroup    3 Feb 10 17:04 hostbackup
-rw-r--r-- 1 nobody nogroup 1444 Feb 10 17:03 hostbackuppve-root-backup-2024_02_10.tar.gz

pbs:/mnt/BackupHDD# id nobody
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)




Any ideas on how to resolve this issue? Has anyone encountered a similar problem?
 
Darn, I just stumbled on your post and was surprised to see no answer.

I'm trying to do something similar and running into the same issue. Only difference is I have an NFS share that I'm passing through to my PBS container from PVE and attempting to mount that as a datastore. Getting the generic "EPERM: Operation not permitted." when attempting to create the datastore.

It's got to be something with privileges on the /mnt/$folder when it gets passed to the container as I see it owned by nobody:nogroup.

I keep running into small roadblocks like this and think I'm just going to run PBS as a VM on my PVE node and mount the NFS share directly within the VM. You could try the same by passing through the external disk to the PBS VM.
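
Added example, not part of either post: a small shell helper that evaluates lxc.idmap lines and shows how a host uid/gid appears inside the container, using the two lines quoted from 101.conf in the first post. The function names ct_view and host_view are hypothetical, and the default map shown is the standard Proxmox one for unprivileged containers.

```shell
#!/bin/sh
# Constructed input: the custom idmap lines quoted from the post's 101.conf.
POST_MAP='lxc.idmap: u 0 100000 1005
lxc.idmap: g 0 100000 1005'

# Proxmox's default map for an unprivileged container (no custom lxc.idmap).
DEFAULT_MAP='lxc.idmap: u 0 100000 65536
lxc.idmap: g 0 100000 65536'

# ct_view KIND HOST_ID MAP
# KIND is u (uid) or g (gid). Prints the ID the container sees for HOST_ID.
# A host ID outside every mapped range is shown as the overflow ID 65534,
# which a Debian container lists as nobody / nogroup.
ct_view() {
    printf '%s\n' "$3" | awk -v kind="$1" -v id="$2" '
        $1 == "lxc.idmap:" && $2 == kind {
            ct = $3 + 0; host = $4 + 0; n = $5 + 0
            if (id + 0 >= host && id + 0 < host + n) {
                print ct + (id - host); found = 1; exit
            }
        }
        END { if (!found) print 65534 }'
}

# host_view KIND CT_ID MAP
# Reverse lookup: the host ID that backs container ID CT_ID, or "unmapped".
host_view() {
    printf '%s\n' "$3" | awk -v kind="$1" -v id="$2" '
        $1 == "lxc.idmap:" && $2 == kind {
            ct = $3 + 0; host = $4 + 0; n = $5 + 0
            if (id + 0 >= ct && id + 0 < ct + n) {
                print host + (id - ct); found = 1; exit
            }
        }
        END { if (!found) print "unmapped" }'
}

# Owners seen on the host in the post: root (0) and backup (34).
for id in 0 34; do
    echo "host uid $id -> container uid $(ct_view u "$id" "$POST_MAP")"
done
echo "container uid 34 <- host uid $(host_view u 34 "$POST_MAP")"
```

Both maps give 65534 for host IDs 0 and 34, which matches the nobody:nogroup listing inside the container; under either map, host ID 100034 is the one the container sees as ID 34.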