[SOLVED] ERROR on backup restore of a LXC container: "Cannot change ownership to uid 65534, gid 65534: Invalid argument"

J

jrhbcn

New Member
Mar 19, 2023
2
1
3
Hi,

I am trying to restore a backup of an LXC container from one pve host to another one (different clusters, I am just copying the dump backup to the new host and restore). The LXC container is unpriviledge with keyctl and nesting on. Also there is a mount bind and user mapping on the config like this:

Code: 
arch: amd64
cores: 2
features: keyctl=1,nesting=1
hostname: media
memory: 512
mp0: /mnt/pve/data,mp=/data
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.1.1,hwaddr=42:27:23:1E:E5:E0,ip=192.168.1.17/24,type=veth
ostype: debian
rootfs: local-lvm:vm-117-disk-0,size=3G
swap: 0
unprivileged: 1
lxc.idmap: u 0 100000 1000
lxc.idmap: u 1000 1000 1
lxc.idmap: u 1001 101001 64530
lxc.idmap: g 0 100000 1000
lxc.idmap: g 1000 1000 1
lxc.idmap: g 1001 101001 64530
lxc.idmap: g 65534 165534 1

I have moved the backup to the new pve server, both old server (where backup comes from) and new server have /etc/subuid and /etc/subgid like:

Code: 
root:1000:1
root:100000:65536
media:165536:65536

When I try to restore the backup I gest the following error:

Code: 
recovering backed-up configuration from 'local:backup/vzdump-lxc-117-2023_03_19-08_47_17.tar.zst'
restoring 'local:backup/vzdump-lxc-117-2023_03_19-08_47_17.tar.zst' now..
extracting archive '/var/lib/vz/dump/vzdump-lxc-117-2023_03_19-08_47_17.tar.zst'
tar: ./etc/vzdump/pct.conf: Cannot change ownership to uid 65534, gid 65534: Invalid argument
tar: ./etc/vzdump/pct.fw: Cannot change ownership to uid 65534, gid 65534: Invalid argument
Total bytes read: 1189570560 (1.2GiB, 291MiB/s)
tar: Exiting with failure status due to previous errors
TASK ERROR: unable to restore CT 117 - command 'lxc-usernsexec -m u:0:100000:1000 -m u:1000:1000:1 -m u:1001:101001:64530 -m g:0:100000:1000 -m g:1000:1000:1 -m g:1001:101001:64530 -m g:65534:165534:1 -- tar xpf - --zstd --totals --one-file-system -p --sparse --numeric-owner --acls --xattrs '--xattrs-include=user.*' '--xattrs-include=security.capability' '--warning=no-file-ignored' '--warning=no-xattr-write' -C /var/lib/lxc/117/rootfs --skip-old-files --anchored --exclude './dev/*'' failed: exit code 2

Any ideas what I can do for it to work? Thanks,
 
Hi, I think the problem is that the custom id mapping is missing a mapping for container uid 65534. This is the nobody user, who is also the owner of /etc/vzdump/pct.conf and /etc/vzdump/pct.fw in the backup archive.

This line:
Code: 
lxc.idmap: u 1001 101001 64530
only maps container uids from 1001 to 65530. You could try extending this line to also include 65534, e.g.
Code: 
 lxc.idmap: u 1001 101001 64535
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back