[SOLVED] Mount SMB/CIFS share to lxc with write permissions

V

vkoenig

New Member
Sep 2, 2024
3
0
1
Hello,

here's my situation:
I have a VM running Truenas Core which has some SMB shares with ACL configured
I want to mount one of these shares to my unprivileged Docker container, so i added it as storage in the Proxmox web ui and i can write to that share from the terminal of the node and from an external machine. I tried using a mount point to mount the directory (to which the share is mounted in Proxmox, Fig. 1) to a directory in the lxc, and I can read from it but not write to it (Fig. 2). When i do a ls -l (Fig. 3) in the Container it says that it is owned by nobody:nogroup. I'm not sure about UID/GID remapping because I couldn't find enough documentation so I'm stuck rn.

Thanks in advance

EDIT: phrasing
 

Attachments

  • Fig 1.png
    Fig 1.png
    4.5 KB · Views: 41
  • Fig 2.png
    Fig 2.png
    4.5 KB · Views: 40
  • Fig 3.png
    Fig 3.png
    2.5 KB · Views: 38
Last edited:
EDIT:
Problem solved. UID/GID remapping fixed the Problem. It didn't work originally because of a bug in the fstab file caused by mount.cifs and an incompatible version of smb/samba
 
vkoenig said:
EDIT:
Problem solved. UID/GID remapping fixed the Problem. It didn't work originally because of a bug in the fstab file caused by mount.cifs and an incompatible version of smb/samba
Click to expand...
Hi I am facing the same challenge, can you please share your actual fix? Did you just chown the folder to a different owner? If not, how did you fix it by the UID/GID remapping?
 
Hi,
so after updating all smb/samba things to the newest version, it worked.
The cifs share is in a truenas scale vm on the same proxmox machine and mounted in the proxmox installation with following text in the fstab file:

//***blurred***/ncdata /mnt/ncshare/ cifs credentials=***blurred***,uid=1005,gid=1005 0 0

the container in which it is mounted has a normal mount point setup:

mp0: /mnt/ncshare/,mp=/mnt/ncshare/

then the container has uid/gid remapping configured:

lxc.idmap: u 0 100000 1005
lxc.idmap: g 0 100000 1005
lxc.idmap: u 1005 1005 1
lxc.idmap: g 1005 1005 1
lxc.idmap: u 1006 101006 64530
lxc.idmap: g 1006 101006 64530

and after rebooting the container the mount directory is owned by 1005:1005 and you should have write access. You shouldn't have to do anything with chown
 
You must log in or register to reply here.
Top Bottom