[lxc-users] Can I, or should I, "lxc.id_map = u 250 250 1"?

Fog_Watch db5 at exemail.com.au
Wed Jul 13 04:54:20 UTC 2016 

Hello,

I use Gentoo's Portage.  The Portage tree is NFS mounted into my host
and then bind mounted into an unprivileged container with:
$ grep portage /home/lxc/.local/lxc/hf/config
lxc.mount.entry = /usr/portage usr/portage none rw,bind 0 0 

The container starts with the following:
lxc.id_map = u 1000 250 1
lxc.id_map = g 1000 250 1

But with:
lxc.id_map = u 250 250 1
lxc.id_map = g 250 250 1

lxc-start -F -n hf #returns:
newuidmap: write to uid_map failed: Invalid argument
                                                    lxc-start: start.c:
lxc_spawn: 1161 failed to set up id mapping lxc-start: start.c:
__lxc_start: 1353 failed to spawn 'hf' lxc-start: lxc_start.c: main:
344 The container failed to start. lxc-start: lxc_start.c: main: 348
Additional information can be obtained by setting the --logfile and
--logpriority options.

lxc-start --logfile /tmp/debug --logpriority debug -n hf # returns debug
file at https://bpaste.net/show/36330ba0b7ae

In order for portage to work inside the container I believe that the
host's portage ID needs to be mapped unchanged.  To this end, is
"lxc.id_map = u 250 250 1" possible and if so how?

Regards

Fog_Watch



# lxc-start --version
2.0.1



# uname -vmpr
4.4.6-gentoo #12 SMP Sun Jul 10 12:32:14 AEST 2016 x86_64 Intel(R)
Celeron(R) CPU N3150 @ 1.60GHz



$ cat /home/lxc/.local/lxc/hf/config 
# Distribution configuration
lxc.include = /usr/share/lxc/config/gentoo.common.conf
lxc.include = /usr/share/lxc/config/gentoo.userns.conf
lxc.arch = x86_64
lxc.mount.entry = /usr/portage usr/portage none rw,bind 0 0 
# Container specific configuration
lxc.include = /etc/lxc/lxc-usernet
lxc.start.auto = 1
lxc.id_map = u 250 250 1
lxc.id_map = g 250 250 1
lxc.id_map = u 0 100000 1000
lxc.id_map = g 0 100000 1000
lxc veth br0.1 20
# Network configuration
lxc.network.type = veth
lxc.network.link = br0.1
lxc.network.flags = up
lxc.network.name = net0
lxc.network.ipv4.gateway = 192.168.2.1
#local
lxc.include = /home/lxc/.local/lxc/hf/local.conf

More information about the lxc-users mailing list