
I have a Proxmox LXC container with Nextcloud. The default data directory in Nextcloud requires the owner to be www-data with the default uid and gid of 33. I am using the following:

Proxmox

Mount Point: /mnt/sdc

Drive Path: /dev/mapper/sdc

UID: 33

GID: 33

Filesystem: ZFS

Drive FS: LUKS/exfat

Nextcloud LXC

Data Directory: /mnt/myuser/files

Container ID: 102

I modified the 3 files inside Proxmox that I need in order to create a user passthrough

/etc/pve/lxc/102.conf

unprivileged: 1
lxc.idmap: u 0 100000 33
lxc.idmap: g 0 100000 33
lxc.idmap: u 33 33 1
lxc.idmap: g 33 33 1
lxc.idmap: u 34 100034 65502
lxc.idmap: g 34 100034 65502
lxc.cgroup.devices.allow = b 8:32 rwm
lxc.mount.entry = /dev/mapper/sdc /mnt/sdc none bind,create=file,uid=33,gid=33 0 0
mp0: /mnt/sdc,mp=/mnt/myuser/files

/etc/subuid

root:100000:65536
root:33:1

/etc/subgid

root:100000:65536
root:33:1

Proxmox Commands (chown mountpoint for external storage)

chown -R 100033:100033 /mnt/sdc

mount /dev/mapper/sdc /mnt/sdc

Keep in mind I did all this BEFORE creating the www-data user in the Nextcloud LXC container. I only added the last 3 bind mount entries in my LXC config after I created the Nextcloud user in the front end web interface and permanently deleted the default files inside the Nextcloud data directory. I ensured it was empty before adding the mount.

I am using a ZFS filesystem. I am trying to create a passthrough to an LXC container. As mentioned in my previous thread, I am using Nextcloud so I needed to create a user passthrough as well. I got the user ID mapping passthrough on the mounted directory working just fine. Everything is owned by www-data:www-data as intended. The mountpoint on Proxmox /mnt/sdc is also adopting the name www-data when chowning the appropriate ID (33:33). However, when I mount the drive, Nextcloud stops uploading files and I think I know why. I cannot write to the drive. I noticed this was because whenever I mount the drive in Proxmox, the Proxmox mount directory ownership changes back to root:root. Again, I am using ZFS so I ran the following commands to prevent this:

umount /mnt/sdc;
zfs create -o mountpoint=/mnt/sdc /rpool/sdc;
zfs mount rpool/sdc;
chown 33:33 /mnt/sdc;
mount /dev/mapper/sdc /mnt/sdc;

It made no difference. How can I ensure my mounted drive respects the uid:gid ID ownership on the hypervisor and the passthrough?

user21303
  • ZFS does not matter about user rights. To use a _filesystem dataset_ with a non-root user, the _mountpoint_ needs to be reachable by the non-root user and set with proper rights – freezed Mar 25 '23 at 00:59
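
The ID mapping in the question's 102.conf can be checked mechanically. The following is an added example, not part of the original post: it resolves container IDs to host IDs, reverses the lookup, and confirms every mapped host range is delegated in /etc/subuid. The function names are assumptions; the map and subuid lines are copied from the question.

```python
# Added example (not from the post). IDMAP and SUBUID are copied from the
# question's /etc/pve/lxc/102.conf and /etc/subuid; function names are assumed.
IDMAP = """\
lxc.idmap: u 0 100000 33
lxc.idmap: g 0 100000 33
lxc.idmap: u 33 33 1
lxc.idmap: g 33 33 1
lxc.idmap: u 34 100034 65502
lxc.idmap: g 34 100034 65502
"""
SUBUID = "root:100000:65536\nroot:33:1\n"

def parse_idmap(text, kind):
    """Sorted (container_start, host_start, count) tuples for kind 'u' or 'g'."""
    out = []
    for line in text.splitlines():
        key, _, value = line.partition(":")
        fields = value.split()
        if key.strip() == "lxc.idmap" and len(fields) == 4 and fields[0] == kind:
            out.append(tuple(int(f) for f in fields[1:]))
    return sorted(out)

def to_host(ranges, cid):
    """Host ID backing a container ID, or None if the container ID is unmapped."""
    for cstart, hstart, count in ranges:
        if cstart <= cid < cstart + count:
            return hstart + cid - cstart
    return None

def to_container(ranges, hid):
    """Container ID a host ID appears as, or None (shown as the overflow ID)."""
    for cstart, hstart, count in ranges:
        if hstart <= hid < hstart + count:
            return cstart + hid - hstart
    return None

def undelegated(ranges, subid_text, user="root"):
    """Mapped host ranges not fully inside one subuid/subgid grant for user."""
    grants = [tuple(map(int, ln.split(":")[1:])) for ln in subid_text.splitlines()
              if ln.split(":")[0] == user]
    return [(h, n) for _, h, n in ranges
            if not any(s <= h and h + n <= s + g for s, g in grants)]

if __name__ == "__main__":
    uids = parse_idmap(IDMAP, "u")
    print("container uid 33 -> host uid", to_host(uids, 33))
    print("host uid 100033 -> container uid", to_container(uids, 100033))
    print("ranges missing from /etc/subuid:", undelegated(uids, SUBUID))
```

With this map, container UID 33 resolves to host UID 33, while host UID 100033 falls between the mapped ranges and has no container-side ID.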

0 Answers