[lxc-users] Proper usage of fuidshift

Ronald Kelley rkelleyrtp at gmail.com
Mon May 16 16:57:03 UTC 2016


Thanks for the fast reply.  

Just for clarity, the values you used are pulled directly from the /etc/subuid file for the lxd user, correct?  We are looking into some system automation and want to make sure any new/copied container has the correct values.

Also, in what circumstance would you revert to the old values?




On May 16, 2016, at 12:12 PM, Serge Hallyn <serge.hallyn at ubuntu.com> wrote:

Quoting Ron Kelley (rkelleyrtp at gmail.com):
> Trying to understand the right way to use fuidshift.  I have rsync'd a container from one server to another and the root/group IDs are off.  Each time I start the container, I get permission denied errors (like root's .bashrc).  I read the manpage for fuidshift but am still confused.  Various incantations don't appear to put the right permissions on the container's files/directories.  Can someone please give some guidance?  
> 
> /etc/subgid output:
> ------------------------
> rkelley:100000:65536
> lxd:165536:65536
> root:165536:65536
> wpadmin:231072:65536
> 
> 
> Container rsync'd from another server:
> ---------------------------------
> root at hj-wp-container-mgmt-01:/var/lib/lxd/containers/CentOS7-PHP56-Baseline-Current# ls -la
> total 4
> drwxr-xr-x+  3 root   root     19 May 16 10:29 .
> drwx--x--x   4 root   root    131 May 16 10:33 ..
> dr-xr-xr-x  19 100000 100000 4096 May  5 17:48 rootfs
> 
> 
> New container on server:
> -----------------------
> root at hj-wp-container-mgmt-01:/var/lib/lxd/containers/test-container# ls -al
> total 8
> drwxr-xr-x+  4 165536 165536   55 May 16 11:52 .
> drwx--x--x   5 root   root    152 May 16 11:52 ..
> dr-xr-xr-x  18 165536 165536 4096 May 16 11:52 rootfs
> 
> 
> From what I can see, the CentOS7-PHP56-Baseline-Current container should have root/group IDs of 165536/165536 but it has 100000/100000 instead.
> 
> My question is: how can I get the CentOS7-PHP56-Baseline-Current container to get the correct permissions using fuidshift?

fuidshift /var/lib/lxd/containers/CentOS7-PHP56-Baseline-Current/rootfs -r b:0:100000:65536
fuidshift /var/lib/lxd/containers/CentOS7-PHP56-Baseline-Current/rootfs b:0:165536:65536

The first one reverts the old mapping, the second sets the new.

(You could do it all in one step, but I think this is the safest way)
_______________________________________________
lxc-users mailing list
lxc-users at lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users



More information about the lxc-users mailing list