How we can use share mount in unprivileged LXCs

florin.tanasa · August 29, 2024, 9:01am

Hi,
For who wish to use for the jmix application an lxc on Proxmox VE, because is problems with possibility to mount something from exterior lxc, exist a solution at

Because, in me needs, my application make directory if not exist, where put qr code generated and after this the user take this qr code image and upload to database, I used solution from tutorial and work.

Backup_GeneDataBank I have in plan to be used for the backup database and files from .jmix directory

florin.tanasa · August 30, 2024, 7:56am

My fstab on PVE host:

root@pve:~# cat /etc/fstab 
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/pve/root / ext4 errors=remount-ro 0 1
UUID=9DAB-BECF /boot/efi vfat defaults 0 1
/dev/pve/swap none swap sw 0 0
proc /proc proc defaults 0 0

# For smb service from windows server
# Directory where I put ar code image for GeneDatabank application
//192.168.0.100/share\040full/qrCodeImage /mnt/lxc_shares/qrCodeImage cifs _netdev,x-systemd.automount,noatime,uid=100000,gid=100987,dir_mode=0770,file_mode=0770,credentials=/root/.smb 0 0
# Directory where I put the backup (database and others files) for GeneDataBank application
//192.168.0.100/Backup_GeneDataBank /mnt/lxc_shares/Backup_GeneDataBank cifs _netdev,x-systemd.automount,noatime,uid=100000,gid=100987,dir_mode=0770,file_mode=0770,credentials=/root/.smb 0 0

and my lxc conf

root@pve:~# cat /etc/pve/lxc/104.conf
arch: amd64
cores: 2
features: nesting=1
hostname: server
memory: 4096
mp0: /mnt/lxc_shares/qrCodeImage,mp=/opt/genedatabank/qrCodeImage
nameserver: 192.168.9.254 8.8.8.8
net0: name=eth0,bridge=vmbr2,gw=192.168.9.254,hwaddr=00:00:00:00:00:00,ip=192.168.9.5/24,type=veth
onboot: 1
ostype: ubuntu
rootfs: local-lvm:vm-104-disk-0,size=250G
startup: order=2,up=20
swap: 4096
unprivileged: 1
mp1: /mnt/lxc_shares/Backup_GeneDataBank,mp=/opt/genedatabank/Backup_GeneDataBank

The trick, is necessary to add in pve host at fstab for gid=100000+gid_from_lxc group in my case for genedatabank group from lxc what have 987 I add 100987 in fstab from PVE

florin@server:~$ grep genedatabank /etc/group
genedatabank:x:987:genedatabank
lxc_shares:x:10000:genedatabank

I used the tutorial but I understood the trick and leave lxc_shares group for the future needs.