I have a fresh test install of Proxmox 8.2.2 (hostname is vbox-pve) with one unprivileged LXC container (hostname is pxvm-test, ID is 100).
I created a bind mount:
pct set 100 -mp0 /test/test,mp=/mnt/shared
When the folder /test/test is owned by root:root and I try to access the bind mount from the container (as root), I get 'permission denied' as expected.
When I changed the owner of /test/test to 150000:150000 (some high-mapped UID/GID) and try to access the bind mount from the container (as root), I get full access.
Proxmox host:
[root@vbox-pve test$] chown 150000:150000 /test/test
[root@vbox-pve test$] ls -l /test
total 4
drwxr-xr-x 2 150000 150000 4096 Dec 4 10:47 test
[root@vbox-pve test$]
Container:
root@pxvm-test:~# ls -l /mnt
total 4
drwxr-xr-x 2 50000 50000 4096 Dec 4 07:47 shared
root@pxvm-test:~# touch /mnt/shared/4.txt
root@pxvm-test:~# ls -l /mnt/shared
total 0
-rw-r--r-- 1 root root 0 Dec 4 07:49 4.txt
Host permissions don't allow non-owner write access to /test/test, but the access is granted.
When owner is 10000:150000, I get 'Permission denied'.
When owner is 150000:10000, I also get 'Permission denied'.
I didn't find where this behavior was described in the documentation.
Also tried this in Proxmox 8.3.1, results are the same.
Is it working as documented?
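
The following is an added example, not part of the original post and not Proxmox code. It models the four ownerships tried above, assuming the default unprivileged mapping (container IDs 0-65535 to host IDs 100000-165535) and the Linux rule that a user namespace's root can override file permissions only on inodes whose owner UID and GID are both mapped into that namespace. All function names are hypothetical.

```python
# Added example: models the observed results; names below are hypothetical.
# Assumption: Proxmox's default unprivileged map, container IDs 0-65535
# -> host IDs 100000-165535, used for both UIDs and GIDs.
IDMAP = [(0, 100000, 65536)]   # (container_start, host_start, count)
OVERFLOW_ID = 65534            # ID shown in the container for unmapped owners


def to_container(host_id, idmap=IDMAP):
    """Translate a host ID into the container's namespace (None if unmapped)."""
    for ct_start, host_start, count in idmap:
        if host_start <= host_id < host_start + count:
            return ct_start + host_id - host_start
    return None


def root_can_create(host_uid, host_gid, mode, idmap=IDMAP):
    """Can container root (container uid 0, gid 0) create a file in this directory?"""
    ct_uid, ct_gid = to_container(host_uid, idmap), to_container(host_gid, idmap)
    # Kernel rule: namespace root's CAP_DAC_OVERRIDE applies to an inode only
    # if BOTH its owner UID and owner GID are mapped into that namespace.
    if ct_uid is not None and ct_gid is not None:
        return True
    # Otherwise ordinary mode bits decide (supplementary groups ignored here).
    if ct_uid == 0:
        bits = mode >> 6       # container root is the owner
    elif ct_gid == 0:
        bits = mode >> 3       # container root's group owns it
    else:
        bits = mode            # "other" bits
    return (bits & 0o3) == 0o3  # need write + search on the directory


def shown_owner(host_uid, host_gid, idmap=IDMAP):
    """Owner as `ls -l` prints it inside the container."""
    ids = (to_container(host_uid, idmap), to_container(host_gid, idmap))
    return tuple(OVERFLOW_ID if i is None else i for i in ids)


if __name__ == "__main__":
    # Constructed cases: the four ownerships tried in the post, mode drwxr-xr-x.
    for uid, gid in [(0, 0), (150000, 150000), (10000, 150000), (150000, 10000)]:
        print(f"host {uid}:{gid} -> container {shown_owner(uid, gid)}, "
              f"root can create: {root_can_create(uid, gid, 0o755)}")
```
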