[lxc-users] Mapping multiple ids
Serge E. Hallyn
serge at hallyn.com
Sat Apr 4 15:30:08 UTC 2020
On Fri, Apr 03, 2020 at 10:05:34AM -0700, Michael Eager wrote:
> I want to map multiple UIDs/GIDs in my container (named 'wiki'),
> specifically my userid (1000) and apache (48).
>
> I found this:
> https://superuser.com/questions/1174344/syntax-for-setting-lxd-container-raw-idmap
>
> I ran
> $ echo -e "both 1000 1000\nboth 48 48" | lxc config set wiki raw.idmap -
>
> The config looks like this:
> raw.idmap: |
> both 1000 1000
> both 48 48
>
> The container does not start. lxc monitor shows this error:
>
> /var/log/lxd/wiki/lxc.log contains this:
> lxc wiki 20200403165802.697 ERROR start - start.c:proc_pidfd_open:1644 -
> Function not implemented - Failed to send signal through pidfd
> lxc wiki 20200403165802.700 ERROR conf - conf.c:lxc_map_ids:3009 -
> newuidmap failed to write mapping "newuidmap: uid range [48-49) -> [48-49)
> not allowed": newuidmap 27611 0 100000 48 48 48 1 49 100049 951 1000 1000 1
> 1001 101001 64535
> lxc wiki 20200403165802.700 ERROR start - start.c:lxc_spawn:1798 - Failed
> to set up id mapping.
>
>
> I'm guessing that remapping UID/GID 48 is not permitted in a non-privileged
> container.
>
> Is there a better way to do this?
You probably just need to add those to the root and/or lxd user's allocations
in /etc/subuid and /etc/subgid.
More information about the lxc-users
mailing list