LXC with idmap restore not working

A

adidas12762

New Member
May 12, 2024
1
0
1
Hello! My boot disk crashed. I've re-installed proxmox and am trying to restore my containers. I thought it would be as simple as pressing the restore button (which worked on the old system when I tested my backups) but it seems a previously working backup now gives errors. When I originally created the container, I thought it would be more secure to use the idmap option so that I could use unprivileged containers that only had the minimum necessary permissions. That seems to be creating issues now. I first verified that /etc/subuid and /etc/subgid are the same as before.

The specific error when I try to restore is:
tar: ./etc/vzdump/pct.conf: Cannot change ownership to uid 65534, gid 65534: Invalid argument
tar: ./etc/vzdump/pct.fw: Cannot change ownership to uid 65534, gid 65534: Invalid argument

My original config looked like this:
...
unprivileged: 1
lxc.idmap: u 0 100000 998
lxc.idmap: g 0 100000 998
lxc.idmap: u 998 1005 1
lxc.idmap: g 998 1005 1
lxc.idmap: u 999 100999 64530
lxc.idmap: g 999 100999 64537

Based on another post I think it should be:
...
unprivileged: 1
lxc.idmap: u 0 100000 998
lxc.idmap: g 0 100000 998
lxc.idmap: u 998 1005 1
lxc.idmap: g 998 1005 1
lxc.idmap: u 999 100999 64535
lxc.idmap: g 999 100999 64537

To fix this I have decompressed the archive, modified /etc/vzdump/pct.conf with the relevant changes. When I try to use tar and zstd to recompress the archive it doesn't seem to work to restore the lxc. Reading online, it seems there is something vzdump does when compressing besides simply using tar and zstd. What commands do I need exactly to recompress the archive? Is there another root cause?

Thank you for any help!
 
Last edited:
adidas12762 said:
lxc.idmap: u 999 100999 64535
Click to expand...
This should be:
Code: 
 lxc.idmap: u 999 100999 64537

To edit the container backup you can follow these steps:

Extract the container backup:
Code: 
zstd -d path/to/vzdump.tar.zst
mkdir /tmp/vzdump-edit
tar -xf path/to/vzdump.tar -C /tmp/vzdump-edit
rm path/to/vzdump.tar

Now edit the container config in /tmp/vzdump-edit/etc/vzdump/pct.conf.

After that the backup can be archived and compressed again:
Code: 
cd /tmp/vzdump-edit
tar -cf vzdump.tar .
zstd -z vzdump.tar
mv vzdump.tar.zst path/to/vzdump.tar.zst
 
  • Like
Reactions: adidas12762
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back