[lxc-users] How to mount directories from $HOME into an unprivileged container?
Karma Kolabor
collaborista at gmail.com
Mon Aug 17 14:39:37 UTC 2015
Hi,
I am trying to mount a directory in a user home into an unprivileged
container run by a user (not root).
LXC generally works fine here, I just fight with the uid mapping details.
I added a line like this
lxc.mount.entry = /home/user/sites home/ubuntu/sites none bind 0 0
to the file
/home/user/.local/share/lxc/ubuntu-14-dev/config
it seems to work, however all files and directories belong to
nobody/nogroup - this makes usage a little bit complicated.
I then added
lxc.id_map = u 1000 1000 1
lxc.id_map = g 1000 1000 1
to /home/user/.local/share/lxc/ubuntu-14-dev/config - but the
container does not start then, I get these errors:
lxc-start 1439776181.987 ERROR lxc_conf - conf.c:userns_exec_1:4379 - Error setting up child mappings
lxc-start 1439776181.987 ERROR lxc_cgmanager - cgmanager.c:chown_cgroup:490 - Error requesting cgroup chown in new namespace
lxc-start 1439776182.045 ERROR lxc_start - start.c:lxc_spawn:1034 - failed to set up id mapping
lxc-start 1439776182.084 ERROR lxc_start - start.c:__lxc_start:1172 - failed to spawn 'ubuntu-14-dev'
lxc-start 1439776187.090 ERROR lxc_start_ui - lxc_start.c:main:344 - The container failed to start.
lxc-start 1439776187.091 ERROR lxc_start_ui - lxc_start.c:main:346 - To get more details, run the container in foreground mode.
lxc-start 1439776187.091 ERROR lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.
How do I get the mapping right? I tried to figure it out, but got lost.
I want the directory to have the same owner/group as on the host.
Security is not of concern, this is a dev and test environment,
however I would like to have a shared directory.
Thank you very much for your attention,
have a nice day,
Karma