UID mapping / container backup

oliwel

Well-Known Member
Feb 11, 2018
40
1
48
49
Hi All,

I am looking for some help on the UID mapping stuff from lxc and hope somebody can provide some insight on that :)

I use PVE with LVM on SAN storage and want to backup my container disks using rsync. Basically I create a LVM snapshot of the containers disks, mount the snapshots in the root machine and use rsync to transfer them to my backup server. Works so far but: In the root context I see the mapped uids which makes it very cumbersome to restore individual files to a running guest.

Is there any option to have some kind of namespace or the like when mounting the drives so the mapped uids are visible from the root host?

best reagrds

Oliver
 
Hi,

if you use unprivileged container all UID will be mapped to UID + 100000.
This is like this feature work.
The security is that no user in a CT exists on the host.
You can set the UID remap in five blocks.
So you can say UID 0-1000 will be remapped and all others stay the same.
This setup where two blocks.
 
Hi Wolfgang,

thanks for your reply - this explains how the feature works but unfortunately not answer my question / solve the problem...

Is there a way to apply the UID mapping without entering the real container context? Might it be an option to create a "read only" container with a bash only on the fly mounting the snapshots so the UID mapping is "active" in the shell? I used Linux vServer for a long time where you had the option to create a shell inside the namespace without interfering with the actual container...

Oliver
 
You can try `lxc-usernsexec -m b:0:100000:65536 /bin/bash` after mounting, but then you'll effectively be user 100000 on the host, so you won't be able to copy files to your target unless you use some kind of authentication in between (eg. using rsync over ssh).
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!