[SOLVED] lxc uid mapping woes

L

lifeboy

Renowned Member
Oct 1, 2014
344
12
83
Stellenbosch, South Africa
greentree.systems
I'm struggling to understand from the example here what the complete logic is behind the uid/gid mapping.

I have a container (100). I want to map uid 1034 (which I created for this purpose) to uid 1034 inside the lxc.

So, following the example in the above documentation, I added to /etc/pve/lxc/100.conf:

Code: 
lxc.idmap: u 0 100000 1034
lxc.idmap: g 0 100000 1034
lxc.idmap: u 1034 1034 1
lxc.idmap: g 1034 1034 1
lxc.idmap: u 1035 101035 64530
lxc.idmap: g 1035 101035 64530

then modified

Code: 
# cat /etc/subuid
root:1034:1
# cat /etc/subgid
root:1034:1

Now when I start lxc 100, I get this error.

Code: 
lxc_map_ids: 3087 newuidmap failed to write mapping "newuidmap: uid range [0-1034) -> [100000-101034) not allowed": newuidmap 158145 0 100000 1034 1034 1034 1 1035 101035 64530
lxc_spawn: 1783 Failed to set up id mapping.
__lxc_start: 2073 Failed to spawn container "100"
startup for container '100' failed

As soon as I remove all the above, the container start again.

The documentation is sparse on this, so what is going wrong please?
 
hi,

your container config has the wrong range,
(65535 - 1034 = 64501). in the example it's done for id 1005 (65535 - 1005 = 64530).
it should look like this:
Code: 
lxc.idmap: u 0 100000 1034
lxc.idmap: g 0 100000 1034
lxc.idmap: u 1034 1034 1
lxc.idmap: g 1034 1034 1
lxc.idmap: u 1035 101035 64501
lxc.idmap: g 1035 101035 64501

/etc/subuid and /etc/subgid looks correct.

try this config and it should probably work
 
You must log in or register to reply here.
Top Bottom