Problems mounting host storage to unprivileged container

slamdunce

Feb 6, 2023
I know it's a common post on here, but I haven't been able to piece together how to make this work. I've got a Turnkey Torrent CT that runs transmission, with a debian-transmission user/group at 109:115. I would like to be able to mount a directory from the Proxmox host (e.g., /mnt/hdd/folder) to the CT so that it can be used for Transmission torrent storage. I have changed ownership of the /mnt/hdd/folder to be 1005:1005, and added the following to my /etc/pve/lxc/101.conf:

Code:
lxc.idmap: u 0 100000 109
lxc.idmap: u 109 1005 1
lxc.idmap: u 110 100110 65425
lxc.idmap: g 0 100000 115
lxc.idmap: g 115 1005 1
lxc.idmap: g 116 100116 65419

With this, I successfully change ownership inside the container so that debian-transmission owns the mounted folder, but then I lose ownership of /etc/transmission-daemon/settings.json (now set to nobody:nogroup). Because of that, Transmission can't start. How do I keep ownership of files on the CT as they are, while adding permission to the mounted directory?

Or... am I doing this whole thing wrong? Basically, I want to use an HDD for a bunch of different storage things attached to a variety of containers, and still be able to make some available via Samba shares. I'd like to do it in the best way, so if there's a best practice I'm missing, please let me know.
 
Hi, who is the owner of /etc/transmission-daemon/settings.json on the container filesystem? You can check using pct mount 101 and ls -n /var/lib/lxc/101/rootfs/etc/transmission-daemon/settings.json. I'd guess it's 100109 (the default counterpart host uid of container uid 109). This would also explain why the file owner is nobody:nogroup inside the container: Since the idmaps define no mapping of host uid 100109, the file appears to be owned by nobody:nogroup inside the container. To fix that, I guess you could change the owner to 1005:1005 in the mounted rootfs on the host.

... but whether there is a better way, I don't know :)
 
Interesting. You were right about it being owned by uid 100109. I could change that to 1005:1005, but that feels like it would lead to a game of whack-a-mole trying to find all of the files owned by 100109 and change them. But maybe that's just how it works.
 
You could try chown's --from option, e.g. chown -R --from=100109 1005 /var.../rootfs. But again, not sure if this would be considered best practice.
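
The id translation discussed in this thread can be worked out from the two maps. The following is an added example, not code from the posters or from Proxmox: it assumes the container previously used the stock unprivileged map (0 100000 65536), and all function names are made up for illustration. It shows why host uid 100109 becomes unmapped and which on-disk owners would need to change.

```python
# Added example; function names are illustrative, not part of LXC or Proxmox.
# Assumed previous state: stock unprivileged map (container 0-65535 -> host 100000-165535).
DEFAULT_CONF = """\
lxc.idmap: u 0 100000 65536
lxc.idmap: g 0 100000 65536
"""
# The map posted in the thread for /etc/pve/lxc/101.conf.
CUSTOM_CONF = """\
lxc.idmap: u 0 100000 109
lxc.idmap: u 109 1005 1
lxc.idmap: u 110 100110 65425
lxc.idmap: g 0 100000 115
lxc.idmap: g 115 1005 1
lxc.idmap: g 116 100116 65419
"""

def parse_idmap(conf, kind):
    """Return [(ct_start, host_start, count), ...] for kind 'u' or 'g'."""
    ranges = []
    for line in conf.splitlines():
        key, _, value = line.partition(":")
        fields = value.split()
        if key.strip() == "lxc.idmap" and len(fields) == 4 and fields[0] == kind:
            ranges.append(tuple(int(f) for f in fields[1:]))
    return ranges

def to_container(ranges, host_id):
    """Host id -> container id; None means unmapped (shown as nobody/nogroup)."""
    for ct, host, count in ranges:
        if host <= host_id < host + count:
            return ct + host_id - host
    return None

def to_host(ranges, ct_id):
    """Container id -> host id stored on disk; None means unmapped."""
    for ct, host, count in ranges:
        if ct <= ct_id < ct + count:
            return host + ct_id - ct
    return None

def chown_plan(old, new, max_id=65536):
    """{old_host_id: new_host_id} for container ids whose host id changed."""
    plan = {}
    for ct_id in range(max_id):
        before, after = to_host(old, ct_id), to_host(new, ct_id)
        if before is not None and after is not None and before != after:
            plan[before] = after
    return plan

if __name__ == "__main__":
    for kind in ("u", "g"):
        old, new = parse_idmap(DEFAULT_CONF, kind), parse_idmap(CUSTOM_CONF, kind)
        print(kind, "chown plan on the host:", chown_plan(old, new))
```

Each entry in the resulting plan corresponds to one `chown -R --from=OLD NEW` pass over the mounted rootfs.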
 
