Hello,
I have a VM with shared nfs-exports and want to access them want to access them from an unprivileged LXC (via bindmounts).
But I have problems with configuring the ID mapping.
Given:
1. VM with shared nfs-exports:
The UID/GIDs are:
2. PVE Enviroment with mounted nfs
nfs-mount
File-Access works
Bindmount for client container
3. LXC where I want to have access on the nfs-share
I have tried a lot of different variants & configurations without success, i.e.:
1)
2) different combinations of id_mappings (
plus
But I didn't find the right combinations yet and getting tired from trial-and-error ...
Maybe someone can give me a configuration, which will work for my use-case.
Please note: I don't want to change the owner on the origin nfs-share (chown -R). The nfs-share should be unchganged and I want to access ths nfs-share read-only from this LXC.
Thanks & Best Regards Markus
I have a VM with shared nfs-exports and want to access them want to access them from an unprivileged LXC (via bindmounts).
But I have problems with configuring the ID mapping.
Given:
1. VM with shared nfs-exports:
ll /mnt/Daten/Fotosdrwxrws--- 1 media users 128 Jan 5 13:39 ./drwxrwxr-x 1 administrator users 182 Apr 1 18:48 ../drwxrwxr-x 1 media users 378 Jan 2 18:37 Markus/The UID/GIDs are:
UID=1003 for mediaGID=100 for users2. PVE Enviroment with mounted nfs
nfs-mount
192.168.178.30:/mnt/Daten/Fotos on /mnt/bindmounts/AppData/Immich_Fotos type nfs4 (rw,relatime,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=192.168.178.11,local_lock=none,addr=192.168.178.30)File-Access works
ls -l /mnt/bindmounts/AppData/Immich_Fotos/total 0drwxrwxr-x 1 1003 users 378 Jan 2 18:37 MarkusBindmount for client container
/etc/pve/lxc/900.confmp0: /mnt/bindmounts/AppData/Immich_Fotos,mp=/mnt/Immich_Fotos3. LXC where I want to have access on the nfs-share
ls -l /mnt/Immich_Fotos/ls: cannot open directory '/mnt/Immich_Fotos/': Permission deniedI have tried a lot of different variants & configurations without success, i.e.:
1)
groupmod -g 100100 immich_nas && usermod -aG immich_nas root2) different combinations of id_mappings (
lxc.idmap = u 0 1003 1, lxc.idmap = g 0 100 1) in the container .confplus
/etc/subuid & /etc/subgid inside the LXC-containerBut I didn't find the right combinations yet and getting tired from trial-and-error ...
Maybe someone can give me a configuration, which will work for my use-case.
Please note: I don't want to change the owner on the origin nfs-share (chown -R). The nfs-share should be unchganged and I want to access ths nfs-share read-only from this LXC.
Thanks & Best Regards Markus
Last edited: