[lxc-users] Can I, or should I, "lxc.id_map = u 250 250 1"?

Guido Jäkel G.Jaekel at DNB.DE
Wed Jul 13 05:58:21 UTC 2016


Dear Fog_Watch,

I'm a Gentoo user, too. And I'm working (completely all) with NFS and shared portage trees, also. Nevertheless, I'm not using unprivileged containers or shifting, yet.


But don't think that Gentoo needs to have the user/group of the portage tree be "portage:portage" for the purpose of running an ebuild. This will be a requirement for portage sync operations, of course. But these you probably want to run on the host, I think. Maybe you should even bind-mount it read-only to your containers.

You need to have write access to the distfiles directory (and packages directory -- if you use it). You may hold these outside the portage directory by defining variables; please refer to man make.conf.


greetings

Guido


On 13.07.2016 06:54, Fog_Watch wrote:
> Hello,
> 
> I use Gentoo's Portage.  The Portage tree is NFS mounted into my host
> and then bind mounted into an unprivileged container with:
> $ grep portage /home/lxc/.local/lxc/hf/config
> lxc.mount.entry = /usr/portage usr/portage none rw,bind 0 0 
> 
>[...]
>
> In order for portage to work inside the container I believe that the
> host's portage ID needs to be mapped unchanged.  To this end, is
> "lxc.id_map = u 250 250 1" possible and if so how?
> 
> Regards
> 
> Fog_Watch
> 


