unpriviledged container idmap

M

mdahamshi

New Member
Jan 4, 2021
8
0
1
34
Hey
I downloaded the turnkey file-server, then bound mounted some zfs storage, I cannot write to the storage, (nobody,nogroup)
I followed this guide:
https://pve.proxmox.com/wiki/Unprivileged_LXC_containers

but it didn't work ! (I try to run sleep from the container and it get 101005 uid in host)
What I did wrong ?


system details:
lxc/102.conf (host)
/etc/subuid (host)
/etc/subgid (host)

at host :
fileserver:x:1005:1005::/home/fileserver:/bin/bash

at container:
fileserver:x:1005:1005::/home/fileserver:/bin/bash
 
Last edited:
root@mmd-server:~# ls -l /mmd_server/tmp/
total 5
-rw-r--r-- 1 fileserver nas_users 950 Jan 3 12:41 102.conf
-rw-r--r-- 1 fileserver nas_users 0 Jan 2 22:38 a
 
the permission is ok
when I run sleep 1001 in the container, and then do a ps in the host, the user id is still 101005 (it should be 1005 because of the mapping)
 
Please try lxc.idmap: u 1005 101005 1 and lxc.idmap: g 1005 101005 1 instead of the 1005 1005 mapping you have currently.
That works for me (when mapping the video group from the host to a container). I do not think that the mapping actually changes the user ID on the host.
 
it didn't help
avw said:
Please try lxc.idmap: u 1005 101005 1 and lxc.idmap: g 1005 101005 1 instead of the 1005 1005 mapping you have currently.
That works for me (when mapping the video group from the host to a container). I do not think that the mapping actually changes the user ID on the host.
Click to expand...
it didn't help :(
 
avw said:
Can you try without using snapshots? I'm not sure if the lxc.idmap lines are applied correctly because they are below [s0] and the mp lines are above it.
Click to expand...
Thank you very much :D
I removed the snapshot, then automatically the idmap lines removed (maybe there was something wrong with them) now I pasted them under unprivileged: 1 , and it worked !
Thank you again.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back