[EDIT] So... it turns out that you can find many answers to question by R'ing the FM (or W as the case may be).
For the sake of any other fellow noobs who stumble upon this thread. The "Using local directory bind mount points" section of the following page in the wiki pretty much answered my questions.
https://pve.proxmox.com/wiki/Unprivileged_LXC_containers
I'm gradually transitioning my primary FreeNAS server to Proxmox and I was just wondering how I'd deal with ZFS dataset permissions when the datatset is mounted to one or more LXC CTs.
The FreeNAS way of doing things that I'm used to is to replicate the UID and GID used within a Jail (the FreeBSD equivalent to a container) on the host/in the FreeNAS "userland". For example, you might have a Syncthing Jail. You'd have a syncthing user and group with GID and UID 983. In order for the syncthing user to write to a dataset mounted within the Jail, you have make sure that the dataset is owned by a user with the same GID or UID of 983.
Is the same true of Proxmox with ZFS Datasets mounted to CTs using bind mounts? More to the point, can I create a user on the Proxmox host with the same GID and UID as a user within an unprivileged CT and have full access (depending on how the dataset permissions are set) to the dataset mount via a bind mount?... which touches on another question. I know that unprivileged CTs have their root user UID set to +10000 on the host, is the same true of any/all of the other default users within an unprivileged CT? And is the same true of users/groups that I create within an unprivileged CT?
For the sake of any other fellow noobs who stumble upon this thread. The "Using local directory bind mount points" section of the following page in the wiki pretty much answered my questions.
https://pve.proxmox.com/wiki/Unprivileged_LXC_containers
I'm gradually transitioning my primary FreeNAS server to Proxmox and I was just wondering how I'd deal with ZFS dataset permissions when the datatset is mounted to one or more LXC CTs.
The FreeNAS way of doing things that I'm used to is to replicate the UID and GID used within a Jail (the FreeBSD equivalent to a container) on the host/in the FreeNAS "userland". For example, you might have a Syncthing Jail. You'd have a syncthing user and group with GID and UID 983. In order for the syncthing user to write to a dataset mounted within the Jail, you have make sure that the dataset is owned by a user with the same GID or UID of 983.
Is the same true of Proxmox with ZFS Datasets mounted to CTs using bind mounts? More to the point, can I create a user on the Proxmox host with the same GID and UID as a user within an unprivileged CT and have full access (depending on how the dataset permissions are set) to the dataset mount via a bind mount?... which touches on another question. I know that unprivileged CTs have their root user UID set to +10000 on the host, is the same true of any/all of the other default users within an unprivileged CT? And is the same true of users/groups that I create within an unprivileged CT?
Last edited: