lxc gid mapping help

[shading2490]

Im still learning, so I'm sorry if this maybe seems like a stupid question.

I have an lxc which already has these mappings so it can acces my mounted filesystem properly

lxc.idmap: g 0 100000 1000
lxc.idmap: u 0 100000 1000
lxc.idmap: u 1000 1000 1
lxc.idmap: g 1000 1000 1
lxc.idmap: u 1001 101000 64535
lxc.idmap: g 1001 101000 64535

Besides these mappings i would also like to map the render user from the host to the container

The gid's are as follows

render:x:106: lxc
render:x:104: host

lxc.idmap = g 106 104 1

i already tried the following but it throws an error:

lxc.idmap: invalid map entry 'g 106 104 1': container gid 106 is also mapped by entry 'g 0 100000 1000'
lxc_map_ids: 3701 newgidmap failed to write mapping "newgidmap: write to gid_map failed: Invalid argument": newgidmap 156125 0 100000 1000 1000 1000 1 1001 101000 64535 106 104 1
lxc_spawn: 1788 Failed to set up id mapping.

 

[leesteken]

lxc.idmap = g 106 104 1 overlaps with lxc.idmap: g 0 100000 1000, as the error message tells you.
You'll need something like this to replace it:
lxc.idmap: g 0 100000 106 lxc.idmap: g 106 104 1 lxc.idmap: g 107 100007 893
I might be off by 1 somewhere and maybe you'll need additional tweaks. Check other threads about this for more examples.

 

[Dunuin]

lxc.idmap: g 0 100000 1000 lxc.idmap: u 0 100000 1000

Here you are mapping GID 0 - 999 on the host to 100000 - 101000 in the LXC.

lxc.idmap = g 106 104 1

And here you are mapping GID 106 on the host to 104 in the LXC.
So you map GID 106 twice and that is why it is compaining.

 

[shading2490]

Thank you. Your posts helped me to understand the problem.