Mount host directory into LXC container

Jun 11, 2019
Hi everybody,
I'm stuck on mounting a host directory into an LXC container; the directory has to be read/write and the container is unprivileged.

Some googling leads me to bind mount points, but the instructions here don't look very clear to me; moreover, issuing a command like:

pct set 103 --mp0 /host/dir /container/mount/point
(where 103 is my container ID)

leads to result:
400 too many arguments
pct set <vmid> [OPTIONS]


I tried to directly modify the file in /var/lib/lxc/103/config following the indications in LXC.CONTAINER.CONF but it seems that this file is overwritten every time the container is started.

A working example and/or a link to documentation would be strongly appreciated.

TIA
Francesco
 

fiona

Proxmox Staff Member
Staff member
Aug 1, 2019
Hi,
the correct syntax for the pct command is
Code:
pct set 103 -mp0 mp=/host/dir,/container/mount/point
See here for more information.

If you want to modify the container config directly, you need to use the one in /etc/pve/nodes/NODE/lxc/ID.conf.
 
Jun 11, 2019
Hi Fabian
thank you for your answer.
I've noticed that the syntax to achieve the result is:
Code:
pct set 103 -mp0 /host/dir,mp=/container/mount/point
(note the position of mp= to designate the mountpoint into the container)
This is the same as what is stated in the wiki.

As a user, I strongly suggest you amend the wiki to be clearer about the syntax and where to find the file; it's true that what you wrote is in the docs, but it was quite hard for me to understand without knowing.

In a future release, a function to handle the mount points from the web interface could be useful.

Now I have a question about permissions: does the shared directory on the host side have to be a+rwx, or is a less privileged permission OK?

Moreover, I noticed that the mount point inside the container is automatically created but not removed, leaving an empty dir when the mount point is removed from the configuration file.

I wrote all these considerations hoping they can be useful to others.

Thank you again! F.
 

fiona

Proxmox Staff Member
Staff member
Aug 1, 2019
> Hi Fabian
> thank you for your answer.
> I've noticed that the syntax to achieve the result is:
> Code:
> pct set 103 -mp0 /host/dir,mp=/container/mount/point
> (note the position of mp= to designate the mountpoint into the container)
> This is the same as what is stated in the wiki.

Sorry, I accidentally switched the paths.

> As a user, I strongly suggest you amend the wiki to be clearer about the syntax and where to find the file; it's true that what you wrote is in the docs, but it was quite hard for me to understand without knowing.

It is mentioned in the wiki page, in the man page for pct and in the Proxmox Container Toolkit chapter of the documentation. You just have to search for "bind mount". Where else should it also be, or do you mean the way it's currently worded is hard to follow?

> In a future release, a function to handle the mount points from the web interface could be useful.

I'm quite sure that's on someone's to-do list, but you can always create a feature request on the bugtracker.

> Now I have a question about permissions: does the shared directory on the host side have to be a+rwx, or is a less privileged permission OK?

See this wiki page for more information. You don't have to set a+rwx permissions if you correctly set up UID/GID mapping for the container.

> Moreover, I noticed that the mount point inside the container is automatically created but not removed, leaving an empty dir when the mount point is removed from the configuration file.

That is normal behavior, otherwise when unmounting the system would need to know whether the directory was specifically created for mounting something. Basically, it's not umount's business to remove files.

> I wrote all these considerations hoping they can be useful to others.
>
> Thank you again! F.
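
Added example, not part of the thread or of Proxmox's own tooling: the UID/GID mapping point from the reply above, as a shell helper that translates a container ID to the host ID that has to own the shared directory, so that a+rwx is not needed. The sample config, the `map_id` and `owner_matches` names, and the default offset of 100000 are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample in the style of /etc/pve/nodes/NODE/lxc/ID.conf: container
# uid/gid 1005 passes straight through to host 1005, all others shift by 100000.
SAMPLE_CONF='arch: amd64
mp0: /host/dir,mp=/container/mount/point
unprivileged: 1
lxc.idmap: u 0 100000 1005
lxc.idmap: g 0 100000 1005
lxc.idmap: u 1005 1005 1
lxc.idmap: g 1005 1005 1
lxc.idmap: u 1006 101006 64530
lxc.idmap: g 1006 101006 64530'

# map_id KIND CT_ID [CONF_TEXT]   (KIND is u or g)
# Prints the host ID that CT_ID maps to, or "unmapped" if no range covers it.
# Without any lxc.idmap line of that kind, the usual unprivileged default
# (container 0-65535 -> host 100000-165535) is assumed.
map_id() {
    printf '%s\n' "${3:-}" | awk -v kind="$1" -v id="$2" '
        $1 == "lxc.idmap:" && $2 == kind {
            seen = 1
            if (id >= $3 && id < $3 + $5) {
                print $4 + (id - $3); found = 1; exit
            }
        }
        END {
            if (found) exit
            if (!seen && id >= 0 && id < 65536) print 100000 + id
            else print "unmapped"
        }'
}

# owner_matches DIR CT_UID [CONF_TEXT]   (uses GNU stat)
# Succeeds when DIR on the host is owned by the host UID behind CT_UID, in
# which case owner-only permissions such as 0700 are enough for read/write.
owner_matches() {
    want=$(map_id u "$2" "${3:-}")
    [ "$want" != "unmapped" ] && [ "$(stat -c %u "$1")" = "$want" ]
}

# Usage on a Proxmox host (paths from the thread):
#   map_id u 1000 "$(cat /etc/pve/nodes/NODE/lxc/103.conf)"
#   owner_matches /host/dir 1000 "$(cat /etc/pve/nodes/NODE/lxc/103.conf)"
```
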
 

fiona

Proxmox Staff Member
Staff member
Aug 1, 2019
Hi,
> Is mounting a zfs data set using bind mounts secure and suitable for access control? From what I read in the documentation, it's not.

Can you link to where you read that? If you set up the user ID mappings and ACLs correctly (use zfs set acltype=posixacl <dataset> to enable), I'd guess that it should be fine (but I'm not a security expert).
 

UdoB

Renowned Member
Nov 1, 2016
Germany
> My intent is to create a samba share using a bind mount point inside a container and authentication for multiple users using active directory. Is this scenario feasible?

Yes, but it is not trivial - there are a lot of small details that need to fit to offer a seamless experience.

For this I am using the "zamba"-part of this project: https://github.com/bashclub/zamba-lxc-toolbox

Best regards
 
