[lxc-users] uid range not allowed
Christoph Willing
chris.willing at iinet.net.au
Sat Jul 23 10:03:22 UTC 2016
On 23/07/16 18:16, Andreas Vögele wrote:
> Christoph Willing writes:
>
>> I'm following the guide to run X apps in a container at:
>> https://www.stgraber.org/2014/02/09/lxc-1-0-gui-in-containers/
>>
>> As a starting point, I have a normal unprivileged container running
>> perfectly. However when I change the id_map configuration to look
>> like:
>> lxc.id_map = u 0 100000 1000
>> lxc.id_map = g 0 100000 1000
>> lxc.id_map = u 1000 1000 1
>> lxc.id_map = g 1000 1000 1
>> lxc.id_map = u 1001 101001 64535
>> lxc.id_map = g 1001 101001 64535
>>
>> the container fails to start, claiming:
>>
>> chris at d6:~/.local/share/lxc$ lxc-start -n x11-test-x86_64 -F
>> newuidmap: uid range [1000-1001) -> [1000-1001) not allowed
>> lxc-start: start.c: lxc_spawn: 1161 failed to set up id mapping
>> [...]
>> Can anyone shed light on this problem please?
>
> You've got to add the id to /etc/subuid and /etc/subgid. Example:
>
> chris:1000:1
> chris:100000:65536
Thanks Andreas,
I had the second line but not the first. The container starts without
error now.
chris
More information about the lxc-users
mailing list