Can't correctly bind mount points (nobody nogroup error)

[bden16]

hey all,

I've been trying non stop for two days on that one, but I really can't find a solution, please help I'm desperate. So here's the thing: I want to share a folder hosted on my Proxmox node to a LXC container (102, for your info). I therefore chose to use a mountpoint but can only access it to read, not write. When I check the mounted files on the LXC side I get :

Here's the content of both /etc/subgid and /etc/subuid on the host:


And here's the result when I do id theuseriwant on the LXC container:



Here's also my 102.conf file:

arch: amd64
cores: 4
features: nesting=1
hostname: media-stack
memory: 6144
mp0: /mnt/pve/jellyfin,mp=/mnt/nas
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.128.1,hwaddr=BC:24:11:47:F3F,ip=192.168.128.18/23,type=veth
ostype: debian
rootfs: local-lvm:vm-102-disk-0,size=64G
swap: 2048
unprivileged: 1
lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file
lxc.idmap: u 0 100000 1000
lxc.idmap: g 0 100000 1000
lxc.idmap: u 1000 1000 1
lxc.idmap: g 1000 1000 1
lxc.idmap: u 1001 101001 64535
lxc.idmap: g 1001 101001 64535


i tried following this tutorial (https://pve.proxmox.com/wiki/Unprivileged_LXC_containers) but couldn't make my thing work properly with it).

thanks in advance to anyone who can help me!

 

[reinob]

how do the permissions (ownership) of /mnt/pve/jellyfin look as seen from the proxmox node?
hopefully it shows uid=1000 and gid=1000?

 

[bden16]

how do the permissions (ownership) of /mnt/pve/jellyfin look as seen from the proxmox node?
hopefully it shows uid=1000 and gid=1000?

Thanks for your answer! How can I check that? I'll send here the output right away

 

[reinob]

the easiest way I know would be to ssh to the proxmox node and run

# ls -ln /mnt/pve/jellyfin

It should show something like
drwxr-xr-x 8 1000 1000 4096 Apr 5 19:15 Whatever
..

 

[bden16]

Alright there's a first mistake: there's no /mnt/pve/jellyfin in the host

 

[reinob]

.. then I don't know what /mnt/nas should actually look like in the container?
I don't know what Proxmox does when a mount point is invalid/non-existent.
but yeah, correct that first

 

[bden16]

Alright, here's the update:
I corrected the path to the folder in my conf file for 102. Now doing ls -ln /mnt/nas/ on the node does the trick!


When trying to create a file with touch logged in as root it won't work, but it will with my user!



Thanks a lot, it was so silly I can't stand it! But now I have fully understood how this works, that's better than chatGPT's tutorial. I have no words, that's great!

 

[reinob]

hey at least you got the hardest part, the idmaps, right!
When I did something similar to what you've done it took me three tries until the idmaps were all correct!

 

[bden16]

Oh it took me WAAAAY more tries thant that, ngl xD

 

[bden16]

How can I flag the post as solved?