Proxmox VE: 7 - Can't set write permissions in LXC Docker for SMB Share

[Mahoraba]

Hey All,

I'm super-new to the whole virtualization/container world as well as Linux so I'm learning new things every day, so sorry for the awfulness in advance, I'm certain that It's something super simple that I'm missing. No matter what I do, I can't seem to get a LXC to have write permissions to a SMB share, at all.

I did find this thread that perfectly matches exactly what's happening to me here: https://forum.proxmox.com/threads/smb-share-in-lxc-container-permission-denied-on-write.87602/ But, their solution is problematic as my NAS solution is a TrueNas Scale VM running in the same Proxmox Node that I intend on using for the LXC Docker Instance.

Synopsis of my setup:

Drives are mounted to the TrueNas VM via passthrough, this is the two (I assume) important lines from the respective .conf file

sata5: /dev/disk/by-id/ata-WDC_WD120EFBX-68B0EN0_5QK4A5YB,size=11176G
virtio2: /dev/disk/by-id/ata-WDC_WD101EFBX-68B0AN0_VCJPX1DP,size=9314G

The share is mounted to the Proxmox host via Datacenter > Storage > Add > SMB/CIFS

The share is then mounted in the lxc containers .conf via the mp0 line below.

arch: amd64cores: 12
features: keyctl=1,nesting=1
hostname: docker-arrs
memory: 4096
mp0: /mnt/pve/media-plex-nas,mp=/mnt/media
net0: name=eth0,bridge=vmbr0,firewall=1,gw=10.0.0.1,hwaddr=D2:DE:CF:EA:6B:A6,ip=10.0.0.>
ostype: debian
rootfs: maho-pve-vms:vm-200-disk-0,size=50G
swap: 2048
unprivileged: 1

I've tried to change ownership or permissions of the mount point file and nothing ever changes, permissions remain this

drwxr-xr-x 2 nobody nogroup 0 Sep 21 00:42 media

Any help that anyone can provide as to insight for what I'm doing wrong is appreciated.

 

[Dunuin]

Did you read about user remapping when working with unprivileged LXCs?: https://pve.proxmox.com/wiki/Unprivileged_LXC_containers

UID/GID 0 to 65535 inside the unprivileged LXC are in reality UID/GID 100000 to 165535 on the host. So lets say you want to bindmount a folder from the host into the LXC so that UID/GID 1000 inside the LXC could access it, then you would need to mount that SMB share on the host as UID/GID 101000 if you don't want to manually edit the user remapping.

 

[Mahoraba]

Thanks, think I'm understanding. I'm stuck at the last part though when trying to change the owner on the host to match the GID/UID I set.

This doesn't seem to do anything

chown -R 1005:1005 /mnt/pve/media-plex-nas

mount ouput shows the gid/uid as 0. Again, I added this in the Proxmox gui from datacenter > storage > add >smb/cifs, I'd done it this way because trueNas lives on the PVE node here as well and adding it in datacenter means it'll keep looking for it to mount when it comes up (I assume I have to mount it this way, anyway)

//10.0.0.142/media-true-nas on /mnt/pve/media-plex-nas type cifs (rw,relatime,vers=3.1.1,cache=strict,username=maho,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.142,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsize=1048576,echo_interval=60,actimeo=1)

Do I need to mount this differently? Or Is there a different way to set the uid/gid here?

 

[Dunuin]

...,uid=0,...,gid=0,...

PVE mounts the SMB share as UID 0 and GID 0. Try to mount that share manually using fstab while setting SMB mount option to ...,uid=101005,gid=101005 or whatever you need inside the LXC.