0

I created an LXC container with Proxmox using https://www.turnkeylinux.org/download?file=turnkey-nextcloud-17.1-bullseye-amd64.iso

I have mounted a hard disk on the Proxmox main system with

root@pve:/mnt/nas/data# pct set 101 -mp0 /mnt/nas,mp=/mnt/nextcloud

But I have a problem: the folder permissions are nobody:nogroup and I can't change them as the root user inside the LXC container.

And the www-data user and group exist in the LXC container, but they are not shown in the command output.

This is from the Proxmox system:

root@pve:/mnt/nas# ls -la
total 29
drwxr-xr-x  5 root     root      4096 Jan  9 13:53 .
drwxr-xr-x  3 root     root         3 Jan 14 12:10 ..
drwxr-xr-x  2 root     root      4096 Jan  3 08:01 code
drwxr-x--- 10 www-data www-data  4096 Jan  9 23:05 data
drwx------  2 root     root     16384 Nov 24 10:39 lost+found

root@pve:/mnt/nas# cat /etc/fstab

# \<file system\> \<mount point\> \<type\> \<options\> \<dump\> \<pass\>

proc /proc proc defaults 0 0
UUID=7a2cccf9-745c-462a-acf8-80bca216da85 /mnt/nas ext4 defaults 0 1
root@pve:/mnt/nas#

And this is from the LXC container:

root@Nextcloud /mnt# ls
nextcloud

root@Nextcloud /mnt# ls -la
total 13
drwxr-xr-x  3 root   root       3 Jan 14 11:14 .
drwxr-xr-x 17 root   root      23 Jan 14 11:09 ..
drwxr-xr-x  5 nobody nogroup 4096 Jan  9 12:53 nextcloud

root@Nextcloud /mnt# chown -R www-data:www-data /mnt/nextcloud/data/
chown: cannot read directory '/mnt/nextcloud/data/': Permission denied

root@Nextcloud /mnt# chown -R root:root /mnt/nextcloud/data/
chown: cannot read directory '/mnt/nextcloud/data/': Permission denied

root@Nextcloud /mnt# groups
root

root@Nextcloud /mnt# addgroup www-data
addgroup: The group \`www-data' already exists.
root@Nextcloud /mnt#

How can I solve this problem?

########################

2 Answers

1

LXC uses Linux namespaces to separate user IDs from the host. By default the UID 0 (root) inside the container is seen as UID 100000 by the Proxmox host. That's why the directory you're bind-mounting, which is owned by www-data (UID 33) from the host perspective, is nobody:nogroup inside the container.

There are a couple ways to deal with this, but my preferred method, if you can get away with it, is to change the owner of the directory from the host to the desired UID + 100000. So in this case, do chown -R 100033:100033 /mnt/nas and that should give you the desired permissions in the container.

If it's important to keep the permissions as they are from the host perspective, try using an ID map (there's a good description in the Proxmox wiki: https://pve.proxmox.com/wiki/Unprivileged_LXC_containers; and also a website to help calculate the proper UID numbers: https://proxmox-idmap-helper.nieradko.com/)

tvcvt
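The ID translation described in the answer above, as an added example that is not part of the original answer: two shell functions that convert owner IDs across an unprivileged container's ID map, showing why host UID 33 appears as nobody and which host ID to chown to. The function names, the `PASSTHROUGH_33` map and the way the map is passed in are constructed for illustration; the default range of 65536 IDs starting at host ID 100000 is assumed to be in effect.

```sh
#!/bin/sh
# Added example: translate IDs across an unprivileged container's ID map.
# Map lines use the "<u|g> <first container id> <first host id> <count>" form
# of lxc.idmap entries. DEFAULT_MAP is the assumed default (0 -> 100000).
DEFAULT_MAP="u 0 100000 65536
g 0 100000 65536"

# Constructed custom map: passes host UID/GID 33 (www-data) straight through.
PASSTHROUGH_33="u 0 100000 33
u 33 33 1
u 34 100034 65502
g 0 100000 33
g 33 33 1
g 34 100034 65502"

OVERFLOW_ID=65534   # unmapped owners show up as this ID (nobody/nogroup)

# host_to_ct KIND HOST_ID [MAP]: the ID a container sees for a host-side owner.
host_to_ct() {
    while read -r kind ct host count; do
        [ "$kind" = "$1" ] || continue
        if [ "$2" -ge "$host" ] && [ "$2" -lt $(( $host + $count )) ]; then
            echo $(( $ct + $2 - $host )); return 0
        fi
    done <<EOF
${3:-$DEFAULT_MAP}
EOF
    echo "$OVERFLOW_ID"
}

# ct_to_host KIND CT_ID [MAP]: the host-side ID to chown to so that the
# container sees CT_ID; fails when the map does not cover CT_ID.
ct_to_host() {
    while read -r kind ct host count; do
        [ "$kind" = "$1" ] || continue
        if [ "$2" -ge "$ct" ] && [ "$2" -lt $(( $ct + $count )) ]; then
            echo $(( $host + $2 - $ct )); return 0
        fi
    done <<EOF
${3:-$DEFAULT_MAP}
EOF
    return 1
}

echo "host uid 33 seen in container:     $(host_to_ct u 33)"
echo "host uid 100033 seen in container: $(host_to_ct u 100033)"
echo "chown target for container www-data: $(ct_to_host u 33):$(ct_to_host g 33)"
echo "host uid 33 with pass-through map: $(host_to_ct u 33 "$PASSTHROUGH_33")"
```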
0
root@Nextcloud ~# cd /mnt

root@Nextcloud /mnt# ls
nextcloud

root@Nextcloud /mnt# cd nextcloud/

root@Nextcloud /mnt/nextcloud# ls

code  data  lost+found
root@Nextcloud /mnt/nextcloud# cd data/

root@Nextcloud .../nextcloud/data# ls
Biene                 appdata_oczb14gwpmn2  flow.log       nextcloud.log.1
Meltymon              audit.log             flow.log.1     owncloud.db
__groupfolders        biene                 index.html     updater-oczb14gwpmn2
appdata_ochaal06qhnm  files_external        nextcloud.log  updater.log

root@Nextcloud .../nextcloud/data# cd ..

root@Nextcloud /mnt/nextcloud# ls -la
total 29
drwxr-xr-x  5 www-data www-data  4096 Jan  9 12:53 .
drwxr-xr-x  3 root     root         3 Jan 14 11:14 ..
drwxr-xr-x  2 www-data www-data  4096 Jan  3 07:01 code
drwxr-x--- 10 www-data www-data  4096 Jan  9 22:05 data
drwx------  2 www-data www-data 16384 Nov 24 09:39 lost+found

root@Nextcloud /mnt/nextcloud#

Nice, it works! I had to install sudo to reinitialize the database and folders:

 sudo -u www-data php occ files:scan --all
 sudo -u www-data php occ db:add-missing-indices

And give the occ file the x permission:

chmod +x /var/www/nextcloud/occ

Thank you so much, I've searched the whole day for a solution with Google but didn't find anything like that.