Restore LXC backup taken from LVM to ZFS - permission denied.

W

whataboutpereira

Member
Oct 6, 2019
41
4
13
46
Hello!

I've this one container on a node with LVM storage that I now want to move to another node with ZFS storage.

Both the source and target are running PVE v7.1. The container is unprivileged on the source node.

Restore on the ZFS node fails with permissions denied. I can successfully restore it on the source node AND I can restore it on the destination node with --unprivileged 0.

Is there anything I can do to restore it as unprivileged on the destination node?

Code: 
$ pct restore 190 /var/lib/vz/dump/vzdump-lxc-190-2021_12_13-18_07_50.tar.zst --storage local-zfs
recovering backed-up configuration from '/var/lib/vz/dump/vzdump-lxc-190-2021_12_13-18_07_50.tar.zst'
restoring '/var/lib/vz/dump/vzdump-lxc-190-2021_12_13-18_07_50.tar.zst' now..
extracting archive '/var/lib/vz/dump/vzdump-lxc-190-2021_12_13-18_07_50.tar.zst'
tar: /var/lib/lxc/190/rootfs: Cannot open: Permission denied
tar: Error is not recoverable: exiting now
unable to restore CT 190 - command 'lxc-usernsexec -m u:0:100000:65536 -m g:0:100000:65536 -- tar xpf - --zstd --totals --one-file-system -p --sparse --numeric-owner --acls --xattrs '--xattrs-include=user.*' '--xattrs-include=security.capability' '--warning=no-file-ignored' '--warning=no-xattr-write' -C /var/lib/lxc/190/rootfs --skip-old-files --anchored --exclude './dev/*'' failed: exit code 2

Configuration as backed up on the source:

Code: 
arch: amd64
cores: 2
cpulimit: 1.5
hostname: hostname.domain.com
memory: 512
mp0: /dev/backup/backup,mp=/mnt/backup
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=46:DA:CA:F6:6D:80,ip=dhcp,type=veth
onboot: 1
ostype: centos
rootfs: local-lvm:vm-190-disk-0,size=8G
swap: 0
unprivileged: 1

/etc/subuid and /etc/subgid look identical on both nodes.
 
Last edited:
Uh oh. I fired it up as privileged now which resulted in:

Code: 
-bash: /etc/profile: Permission denied
-bash-4.4$

Statting my home dir shows:

Code: 
Access: (0700/drwx------)  Uid: ( 1001/ UNKNOWN)   Gid: ( 1001/ UNKNOWN)
 
whataboutpereira said:
Uh oh. I fired it up as privileged now which resulted in:

Code: 
-bash: /etc/profile: Permission denied
-bash-4.4$

Statting my home dir shows:

Code: 
Access: (0700/drwx------)  Uid: ( 1001/ UNKNOWN)   Gid: ( 1001/ UNKNOWN)
Click to expand...

Apparently permissions are broken also on the original node after restoring from backup (where I could restore without errors in unprivileged mode). On the node with ZFS storage I can restore it with only privileged mode, but permissions are likewise broken.
 
I now manager to restore the container on ZFS with unprivilieged 1 accompanied by nesting 1, but permissions are still broken.

/home/user:

Code: 
Access: (0700/drwx------)  Uid: ( 1001/ UNKNOWN)   Gid: ( 1001/ UNKNOWN)

bash-4.4$ whoami
whoami: cannot find name for user ID 1001: Permission denied

/etc/passwd inside the container:

Code: 
user:x:1001:1001::/home/user:/bin/bash
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom