[lxc-users] Mapping multiple ids
Michael Eager
eager at eagerm.com
Sat Apr 4 12:40:53 UTC 2020
On 4/3/20 12:04 PM, Joshua Schaeffer wrote:
>
>
> On 4/3/20 11:05, Michael Eager wrote:
>> /var/log/lxd/wiki/lxc.log contains this:
>> lxc wiki 20200403165802.697 ERROR start -
>> start.c:proc_pidfd_open:1644 - Function not implemented - Failed to
>> send signal through pidfd
>> lxc wiki 20200403165802.700 ERROR conf - conf.c:lxc_map_ids:3009 -
>> newuidmap failed to write mapping "newuidmap: uid range [48-49) ->
>> [48-49) not allowed": newuidmap 27611 0 100000 48 48 48 1 49 100049
>> 951 1000 1000 1 1001 101001 64535
>> lxc wiki 20200403165802.700 ERROR start - start.c:lxc_spawn:1798 -
>> Failed to set up id mapping.
>>
> I ran into the same error recently but I was increasing the default map
> size. I had to:
>
> 1. Stop the container
> 2. Make the container privileged
> 3. Start then stop the container
> 4. Make the container unprivileged
>
> After that it worked with the new ID's in the unprivileged container
I made the container privileged and set both UID/GID mappings. The
container started and the ownership of files is correct. Resetting
the container to unprivileged reverts back to the error.
>> I'm guessing that remapping UID/GID 48 is not permitted in a
>> non-privileged container.
> I would guess the same thing
>>
>> Is there a better way to do this?
> I would also be interested if there is a better way to do this as the
> method I listed above may not always be possible for some situations.
Anyone?
More information about the lxc-users
mailing list