[lxc-users] Unprivileged containers with /home on NFS, chown not permitted

Kaj Wiik kaj.wiik at iki.fi
Wed Feb 20 10:53:11 UTC 2019


I investigated further and if I
chown 101001.101001 autossh
in the NFS mounted directory in the host, everything works for that
particular user.

But I cannot e.g.
# adduser foo
Adding user `foo' ...
Adding new group `foo' (1002) ...
Adding new user `foo' (1002) with group `foo' ...
Creating home directory `/home/foo' ...
Stopped: chown 1002:1002 /home/foo: Operation not permitted

in the container...

I already changed the NFS share subtree ownership to the mapped one (42000
in my case) and asked to disable subtree check from the share (not yet
done).

This must be something with the difference of normal directory and NFS but
what...?

Thanks,
Kaj


On Wed, 20 Feb 2019 at 00:23, Kaj Wiik <kaj.wiik at iki.fi> wrote:

> Hi!
>
> I have set up an unprivileged container with bind mount /home from NFS
> share mounted on host.
>
> The /home directory has been mapped to root in the container:
> printf "uid 42000 0\ngid 42000 0\n" | lxc config set container raw.idmap -
>
> The problem is that chown does not work, e.g.:
> chown: changing ownership of '/home/autossh/.ssh': Operation not permitted
>
> If I change the target directory to a 'normal' one instead of NFS mounted,
> everything works.
>
> Any ideas, please....
>
> NFS v3 and v4, lxc --version 3.0.3
>
> Thanks,
> Kaj
>
>
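
Added example, not part of the original message: a small translator for user-namespace ID maps (the format of /proc/<pid>/uid_map), showing which host IDs lie behind the container IDs mentioned in this thread. The sample map is constructed; it assumes a default range starting at host ID 100000 (consistent with the 101001 above) combined with the posted raw.idmap entry, and all function names are hypothetical.

```python
"""Translate IDs through a user-namespace ID map (format of /proc/<pid>/uid_map)."""

# Constructed sample, NOT taken from the poster's system: the layout assumed
# for `raw.idmap "uid 42000 0"` on top of an assumed default range starting at
# host ID 100000. Columns: first ID inside the container, first ID on the
# host, length of the range.
SAMPLE_UID_MAP = """\
0      42000      1
1     100001  65535
"""


def parse_id_map(text):
    """Return a list of (container_start, host_start, count) tuples."""
    ranges = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed id map line: {line!r}")
        ranges.append(tuple(int(f) for f in fields))
    return ranges


def to_host(ranges, container_id):
    """Host ID behind a container ID, or None if the ID is unmapped."""
    for inside, outside, count in ranges:
        if inside <= container_id < inside + count:
            return outside + (container_id - inside)
    return None


def to_container(ranges, host_id):
    """Container ID for a host ID, or None if the ID is unmapped."""
    for inside, outside, count in ranges:
        if outside <= host_id < outside + count:
            return inside + (host_id - outside)
    return None


if __name__ == "__main__":
    id_map = parse_id_map(SAMPLE_UID_MAP)
    for cid in (0, 1001, 1002):
        print(f"container uid {cid:>5} -> host uid {to_host(id_map, cid)}")
    # Host root has no entry in the map, so it has no container-side ID.
    print("host uid 0 -> container uid", to_container(id_map, 0))
```

To inspect a real container, pass the contents of /proc/<pid>/uid_map (or gid_map) for one of its processes to parse_id_map instead of the sample.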