Container mount permissions

andypm1982

New Member
Feb 19, 2023
12
2
1
Hi.

I have followed the guide i found linked for mounting existing zfs storage and i can see my folder structure inside navigator but i am unable to see any of the existing folder contents.

I can create and delete new folders/files i just cannot see the existing stuff.

Thanks.

1723301430655.png
 
Last edited:
What guide?
What have you mounted where, and which protocol do you use to access this folder structure?

i followed the below linked guide and used

pct set 102 -mp0 /storage_pool,mp=/storage_pool

102 being my lxc container id and the /storage being the zfs dataset im trying to access.

I can see all the folders within the pool in the lxc container from navigator but it doesnt show the folder contents?

https://pve.proxmox.com/wiki/Unprivileged_LXC_containers

i took ownership of the pool using chown -R 1005:1005 /storage_pool and navigator shows the owner as being 1005 which from my understanding is root on proxmox.

i think my issue is i dont know what the 1005 uid is actually doing. i wasnt able to find any good explanations of this.

thanks.
 
Last edited:
Thanks for the answer and the link. That should basically fit.


i took ownership of the pool using chown -R 1005:1005 /storage_pool and navigator shows the owner as being 1005 which from my understanding is root on proxmox.
I have not tested it now... but changing the owner within the CT should be enough. So Root you should always see everything.
What happens if you execute inside the CT as root:

Code:
chown -R <your_user:your_group> /storage_pool

Will the owner and the group change?


If this does not solve the problem, please post your VM config pct config 102 and I will try to reproduce it.
 
Thanks for the answer and the link. That should basically fit.



I have not tested it now... but changing the owner within the CT should be enough. So Root you should always see everything.
What happens if you execute inside the CT as root:

Code:
chown -R <your_user:your_group> /storage_pool

Will the owner and the group change?


If this does not solve the problem, please post your VM config pct config 102 and I will try to reproduce it.
Many thanks. I will try this this evening and come back to you.

The only thing I will add is the existing pool was imported from truenas. The ssd holding truenas died and I decided to give proxmox a try over importing my truenas backup.

I forced the import and if I navigate the folders from pve shell I can see all the contents, just not from within the lxc container which is a Debian based cockpit install.
 
Last edited:
Thanks for the answer and the link. That should basically fit.



I have not tested it now... but changing the owner within the CT should be enough. So Root you should always see everything.
What happens if you execute inside the CT as root:

Code:
chown -R <your_user:your_group> /storage_pool

Will the owner and the group change?


If this does not solve the problem, please post your VM config pct config 102 and I will try to reproduce it.

OK when i tried to run the command you provided i got "chown: changing ownership of '/storage_pool/Media': Operation not permitted"

my 104.conf is as follows

arch: amd64
cores: 4
features: nesting=1
hostname: cockpit
memory: 8192
mp0: /Storage_Pool,mp=/storage_pool
net0: name=eth0,bridge=vmbr0,firewall=1,gw=172.24.1.1,hwaddr=BC:24:11:B1:A0:55,ip=172.24.1.21/24,type=veth
onboot: 1
ostype: debian
rootfs: ssd-zfs:subvol-104-disk-0,size=20G
swap: 512
unprivileged: 1
# uid map: from uid 0 map 1005 uids (in the ct) to the range starting 100000 (on the host), so 0..1004 (ct) → 100000>
lxc.idmap = u 0 100000 1005
lxc.idmap = g 0 100000 1005
# we map 1 uid starting from uid 1005 onto 1005, so 1005 → 1005
lxc.idmap = u 1005 1005 1
lxc.idmap = g 1005 1005 1
# we map the rest of 65535 from 1006 upto 101006, so 1006..65535 → 101006..165535
lxc.idmap = u 1006 101006 64530
lxc.idmap = g 1006 101006 64530
 
Please test it with a privileged container and tell me if it works.
 
Hi there. Sorry for the delay ive been out of state. I assumed by testing it privileged it was just changing the 1 to a 0 in the conf file.

I did this and im still unable to see the shared folder contents.

I can see the folders just not the contents.

Thanks.

1725109466381.png
1725109441393.png
 

Attachments

  • 1725109417491.png
    1725109417491.png
    20.8 KB · Views: 0
Hi there. Sorry for the delay ive been out of state. I assumed by testing it privileged it was just changing the 1 to a 0 in the conf file.
And if you create a completely new fresh privileged container, just for testing? Because here in my tests (ubuntu 22.04) everything works as it should.
 
I followed a youtube guide i found this morning and created another CT based on an existing template that is privilaged and still i can see the folders but not the contents. When i browse the root of /Storage_Pool in proxmox i can see the entire contents


1725290192032.png
1725290210316.png
 
Last edited:
Strange, and if you have a view directly in the Container with root at this folder?
 
i can view the directories located inside the mount but not the contents from within the container.

this is a fresh container so none of the id mapping has been done just purely mounted at this point

1725293028758.png

1725293207431.png
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!