hi all, i am migrating to jellyfin as a kodi replacement, and for this i intended to use the following setup:
now the first milestone was to get jellyfin and the media access up and running, including the UID/GID mapping, so the required mapping is:
Result: The mapping of the bind mount works, but now the UID of in-container files/directories is broken – jellyfin-owned files get mapped to "nobody"
(see "THE ERROR" below)
could anyone tell me why, or even better – how to "fix" this? because jellyfin will of course not run in this situation, and this feels like "that's not the way this is intended to be ...".
what i have unsuccessfully tried so far:
axel.
THE ERROR
THE PART WORKING
THE CONF / SETUID / SETGID FILES
THE SETUP
- a jellyfin LXC backend (naturally), installed via community scripts
- a "NAS" container to manage my files via web / SMB / ...
- ... both accessing the same files on the host via bind mount.
- the files on the host are mounted with nobody:nobody permissions, because there is no clear "owner" on the host system.
now the first milestone was to get jellyfin and the media access up and running, including the UID/GID mapping, so the required mapping is:
Result: The mapping of the bind mount works, but now the UID of in-container files/directories is broken – jellyfin-owned files get mapped to "nobody"
(see "THE ERROR" below)
could anyone tell me why, or even better – how to "fix" this? because jellyfin will of course not run in this situation, and this feels like "that's not the way this is intended to be ...".
what i have unsuccessfully tried so far:
- pretty much any combination within the xxx.conf file, either the system won't start, or the mapping will not work. (of course maybe i missed the EXACT right combination, sure, i just tried a lot of them ... )
- adding "
root:110:1" and/or "root:107:1" to/etc/set(u|g)id, but that did not help either. - reading tons of blog posts about the subject
axel.
THE ERROR
Bash:
# note the "nobody adm" uid/gids below
# WRONG UID
root@jelly:~# ll /var/lib/jellyfin -lad
drwxr-x--- 9 nobody adm 4096 Oct 17 21:43 /var/lib/jellyfin/
# after I REMOVING THE ID MAPPING from /etc/pve/lxc/...conf:
# CORRECT UID
root@jelly:~# ll /var/lib/jellyfin -lad
drwxr-x--- 9 jellyfin adm 4096 Oct 17 21:43 /var/lib/jellyfin/THE PART WORKING
Code:
# WITH the uid/gid mappings, the bind-mounted directory shows up correctly:
root@jelly:~# ll /srv/media/
drwxr-xr-x 2 jellyfin jellyfin 6 Jan 16 22:01 Movies/
drwxr-xr-x 2 jellyfin jellyfin 6 Jan 16 22:01 TvShows/
root@jelly:~# ll -n /srv/media/
drwxr-xr-x 2 107 110 6 Jan 16 22:01 Movies/
drwxr-xr-x 2 107 110 6 Jan 16 22:01 TvShows/
# after REMOVING THE UID/GID MAPPINGS, the bind mount's UID/GID are, expectedly, incorrect again
root@jelly:~# ll /srv/media/
drwxr-xr-x 2 nobody nogroup 6 Jan 16 22:01 Movies/
drwxr-xr-x 2 nobody nogroup 6 Jan 16 22:01 TvShows/
root@jelly:~# ll -n /srv/media/
drwxr-xr-x 2 65534 65534 6 Jan 16 22:01 Movies/
drwxr-xr-x 2 65534 65534 6 Jan 16 22:01 TvShows/THE CONF / SETUID / SETGID FILES
Code:
# xxx.conf
# non-important stuff removed
arch: amd64
# [...]
mp0: /srv/media,mp=/srv/media
lxc.idmap: u 0 100000 107
lxc.idmap: u 107 65534 1
lxc.idmap: u 108 100108 65428
lxc.idmap: g 0 100000 110
lxc.idmap: g 110 65534 1
lxc.idmap: g 111 100111 65425
Code:
# /etc/subuid
root:100000:65536
root:65534:1
Code:
# /etc/subgid
root:100000:65536
root:65534:1THE SETUP
Code:
┌─────────────────────────────────────┐
│ │
│ ┌──────────┐ ┌────────────┐ │
│ │ │ │ │ │
│ │ Jellyfin │ │ "NAS" LXC │ │
│ │ │ │ │ │
│ └┬─────────┘ └───────────┬┘ │
│ │uid/gid uid/gid │ │
│ │107:110 ???:??? │ │
│ │ │ │
│ │ │ │
│ │ nobody:nobody │ │
│ │ 65534:65534 │ │
│ └─────► /srv/media ◄───────┘ │
│ │
│ (Host-mounted media folder) │
│ │
│Host │
└─────────────────────────────────────┘