LXC Bind Mount Points to non-root users

W

wrotebyreuben

Active Member
Jan 31, 2017
8
2
43
38
Sorry if this has been asked before, but I am unsure of correct terminology.

I have a CIFS mount on host: /mnt/shares/Videos
On my plex CT I have the following in conf:
mp0: /mnt/freenas_shares/Videos,mp=/Videos

In the CT /Videos I can r/w as root. However plex runs as plex user, which has no write permissions to /Videos (I'm trying to setup recordings).
I thought I might try and add plex to the root group:
usermod -a -G root plex

But still no write permissions.

Is there any quick way to solve this? Otherwise I might resort to running plex as root.

Thanks,
Reuben
 
I got it to work, but not an elegant solution.
In LXC container for plex:
root@plex:~# id plex
uid=111(plex) gid=118(plex) groups=118(plex),0(root)

Then in /etc/fstab of Proxmox host added a new entry just for plex:
//freenas.blab/Videos /mnt/freenas_shares/PlexVideos cifs uid=111,gid=118,credentials=/etc/samba/user,noexec 0 0

Then changed the /etc/pve/lxc conf file to for the new mountpoint:
mp2: /mnt/freenas_shares/PlexVideos,mp=/PlexVideos

And it works!

If there is a better way I'd love to know, I'm guessing people using iSCSI or NFS probably don't have this issue.
 
Hi fireon thanks for the response.

Sorry I was not able to follow along completely.

On Proxmox host in /proc/mounts the mount is showing the acl option:
//freenas.blab/Videos /mnt/freenas_shares/Videos cifs rw,noexec,relatime,vers=1.0,cache=strict,username=reuben,domain=FREENAS,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.7,unix,posixpaths,serverino,mapposix,acl,rsize=1048576,wsize=65536,actimeo=1 0 0

On the host if I touch a file in that share (test) and run:
setfacl -m "u:1000:rw" test

I get the following:
setfacl: test: Input/output error

I tried to setfacl in the LXC container as well (after installing acl) but get the same output.

Anymore suggestions? Wasn't quite sure what you meant by "But in LXCcontainer that must be enabled before."
 
You must log in or register to reply here.
Top Bottom