[lxc-users] LXD share /var/lib/mysql from host to container and map user/group

Tony P tonypeagleon at gmail.com
Mon Jul 9 21:07:09 UTC 2018


What's the correct way to share the mysql/mariadb data dir of the host
system to a container and map the permissions correctly? I have been
struggling with this for a couple of days. I'm sorry if this question has
been asked before, but I have searched thoroughly and not been able to find
the solution yet. Basically what I have done so far:

Install mariadb-server on both host and container and:

$ printf "lxd:$(id -u mysql):1\nroot:$(id -u mysql):1\n" | sudo tee -a /etc/subuid
$ printf "lxd:$(id -g mysql):1\nroot:$(id -g mysql):1\n" | sudo tee -a /etc/subgid
$ sudo systemctl restart lxd
$ printf "uid $(id -u mysql) 1000\ngid $(id -g mysql) 1000" | lxc config set $CONTAINER_NAME raw.idmap -
$ lxc restart $CONTAINER_NAME
$ sudo lxc config device add $CONTAINER_NAME mysql disk source=/var/lib/mysql path=/var/lib/mysql

Unfortunately, this breaks the container and prevents it from starting
since the mapping isn't allowed.

$ sudo lxc info --show-log ub1804x64-3

Name: ub1804x64-3
Remote: unix://
Architecture: x86_64
Created: 2018/07/09 15:30 UTC
Status: Stopped
Type: persistent
Profiles: default

Log:

lxc ub1804x64-3 20180709154554.682 ERROR    lxc_conf - conf.c:lxc_map_ids:2919 - newuidmap failed to write mapping "newuidmap: uid range [1000-1001) -> [114-115) not allowed": newuidmap 6725 0 100000 1000 1000 114 1 1001 101001 64535
lxc ub1804x64-3 20180709154554.682 ERROR    lxc_start - start.c:lxc_spawn:1661 - Failed to set up id mapping.
lxc ub1804x64-3 20180709154554.755 WARN     lxc_network - network.c:lxc_delete_network_priv:2607 - Failed to remove interface "veth38DOB9" from "lxdbr0": Invalid argument
lxc ub1804x64-3 20180709154554.755 ERROR    lxc_container - lxccontainer.c:wait_on_daemonized_start:834 - Received container state "ABORTING" instead of "RUNNING"
lxc ub1804x64-3 20180709154554.756 ERROR    lxc_start - start.c:__lxc_start:1887 - Failed to spawn container "ub1804x64-3"
lxc 20180709154554.775 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:130 - Connection reset by peer - Failed to receive response for command "get_state"

I'm basically following this article
(https://stgraber.org/2017/06/15/custom-user-mappings-in-lxd-containers/)
written by Stéphane Graber (the super awesome primary LXD developer) to
achieve this. I'll admit that I don't fully understand what's going on
here; if someone could help me understand my mistake a bit better, I'd
really appreciate it. I have a feeling I have the range wrong (1000?). I
previously attempted doing the same by manually adding the mysql user/group
and trying to map those (instead of installing mysql), but that also didn't
work out (same error). This is what I tried before trying the mapping:

$ sudo groupadd mysql
$ sudo useradd -r -g mysql mysql

I also tried with:
$ printf "both $(id -u mysql) $(id -u mysql)" | lxc config set $CONTAINER_NAME raw.idmap -

Then the error I get is:

$ sudo lxc info --show-log tmp3

Name: tmp3
Remote: unix://
Architecture: x86_64
Created: 2018/07/09 20:32 UTC
Status: Stopped
Type: persistent
Profiles: default

Log:

lxc tmp3 20180709204423.805 ERROR    lxc_conf - conf.c:lxc_map_ids:2919 - newgidmap failed to write mapping "newgidmap: gid range [114-115) -> [114-115) not allowed": newgidmap 30081 114 114 1 0 100000 114 115 100115 65421
lxc tmp3 20180709204423.805 ERROR    lxc_start - start.c:lxc_spawn:1661 - Failed to set up id mapping.
lxc tmp3 20180709204423.876 WARN     lxc_network - network.c:lxc_delete_network_priv:2607 - Failed to remove interface "vethYL869L" from "lxdbr0": Invalid argument
lxc tmp3 20180709204423.876 ERROR    lxc_container - lxccontainer.c:wait_on_daemonized_start:834 - Received container state "ABORTING" instead of "RUNNING"
lxc tmp3 20180709204423.877 ERROR    lxc_start - start.c:__lxc_start:1887 - Failed to spawn container "tmp3"
lxc 20180709204423.897 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:130 - Connection reset by peer - Failed to receive response for command "get_state"


I'm using LXD 3.0.1 running on host Ubuntu 18.04 amd64 and testing with an
Ubuntu 18.04 amd64 container.

Thanks for your help in advance!!
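
Added example, not part of the original post and not LXD or shadow code: it decodes the argument triples of the `newuidmap`/`newgidmap` command shown in the log above and reports which requested host ranges are not delegated to a given owner in `/etc/subuid`-style text. The function names and `SAMPLE_SUBUID` are constructed for illustration, and the check assumes each requested range must fit inside a single entry for the owner name.

```python
import re

# First failing log line from the post, rejoined onto one line.
LOG_LINE = ('newuidmap failed to write mapping "newuidmap: uid range '
            '[1000-1001) -> [114-115) not allowed": newuidmap 6725 '
            '0 100000 1000 1000 114 1 1001 101001 64535')

# Constructed /etc/subuid content for illustration (not the poster's file).
SAMPLE_SUBUID = """\
root:100000:65536
lxd:100000:65536
root:114:1
"""

def parse_newidmap_args(log_line):
    """Return (pid, [(container_start, host_start, count), ...])."""
    m = re.search(r'new[ug]idmap (\d+)((?: \d+)+)\s*$', log_line)
    if not m:
        raise ValueError("no newuidmap/newgidmap command found in line")
    nums = [int(n) for n in m.group(2).split()]
    if len(nums) % 3:
        raise ValueError("mapping arguments are not a whole number of triples")
    return int(m.group(1)), [tuple(nums[i:i + 3]) for i in range(0, len(nums), 3)]

def parse_subid(text, owner):
    """Return [(start, count), ...] delegated to `owner` (matched by name)."""
    ranges = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith('#'):
            continue
        name, start, count = line.split(':')
        if name == owner:
            ranges.append((int(start), int(count)))
    return ranges

def uncovered(triples, allowed):
    """Triples whose host range is not inside any single allowed range."""
    return [(c, h, n) for c, h, n in triples
            if not any(s <= h and h + n <= s + cnt for s, cnt in allowed)]

if __name__ == "__main__":
    pid, triples = parse_newidmap_args(LOG_LINE)
    for owner in ("root", "lxd"):
        missing = uncovered(triples, parse_subid(SAMPLE_SUBUID, owner))
        print(f"pid {pid}, owner {owner}: not delegated -> {missing}")
```
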