Privileged LXC CT mount bind - folder access root only?

kitsab

New Member
Sep 25, 2019
6
0
1
46
Hello community,

I tried to setup up a LXC container with mp0: /mnt/bindmounts/vdr,mp=/srv/vdr/video/archive.
*it is a ext4 formated HDD installed inside the proxmox workstation mounted to /mnt/bindmounts/vdr.

I started this with an unprivileged container, soon I realized I'll not be able to write data to the mountpoint.

Then I started over using a privileged container, now root can write to the mountpoint, but only root - other users inside the privileged container are still not able to write to the mountpoint.

Is there a way to get user access for 1 or more other users, else than root?

Thanks for suggestions and advice.

Best regards

Kitsab
 
Last edited:
Sounds a lot like the permissions are too strict.

Either set the permissions or the owner accordingly on '/mnt/bindmounts/vdr'.
 
Hello,

thanks for the suggestions, I already tried to set different owners on PVE (host) /mnt/bindmounts subdirectories.
owners are the same users name/uid/gid like in the privileged container, but anyway only root can access the folders inside the LXC container.
for all other users the mounted folder is shown like this: d ????????? ? ? ? ? ? archive

I also did chmod -R 666 to folders /mnt/bindmounts/archive and data

ls -la:
[kitsab@vdr video]$ ls -la
ls: cannot access 'archive': Permission denied
total 12
drwxr-xr-x 4 root root 4096 Sep 26 18:05 .
drwxr-xr-x 3 root root 4096 Sep 25 14:19 ..
d????????? ? ? ? ? ? archive
drwxr-xr-x 2 root root 4096 Sep 26 18:05 plugins

I have not yet tried to do uid and gid mapping, the tutorial on Proxmox WIKI (for unprivileged LXC CTs) tells how to make users able to read such mount points by moving UIDs and GIDs above 100000. But it is also stated, that those UIDs and GIDs are not able to write stuff in generic.

Thanks and best regards

Kitsab
 
Last edited:
I also did chmod -R 666 to folders /mnt/bindmounts/archive and data

Directories need execution permissions in order to be accessed. Add the x permission to all the dirs in the path and then users other than root should be able to access it.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!