<div dir="ltr">Пытаюсь настроить проброс папки в непривилегированный контейнер.<br>И в контейнере и на хосте собственник должен быть 500:500<br><div><div><br># chown 500:500 /tmp/test/folder<br>$ lxc config device add granophyric-elise test disk path=/mnt source=/tmp/test/folder<br>$ lxc exec granophyric-elise bash<br>root@granophyric-elise:~# ls -n /mnt/<br>total 4<br>-rw-r--r-- 1 65534 65534 5 Jan 9 16:56 test<br>drwxr-xr-x 1 65534 65534 0 Jan 9 17:07 test1<br><br></div><div>Как в ALT предполагается это делать?<br></div><div><br># cat /etc/subgid /etc/subuid<br>lxd:100000:65536<br>_libvirt:165536:65536<br>systemd-network:231072:65536<br>systemd-resolve:296608:65536<br>_lldpd:624288:65536<br>root:1000000:65536<br>root:500:1<br><br>lxd:100000:65536<br>_libvirt:165536:65536<br>systemd-network:231072:65536<br>systemd-resolve:296608:65536<br>_lldpd:624288:65536<br>root:1000000:65536<br>root:500:1<br><br clear="all"><div>Пробую настроить mapping:<br><br>$ lxc profile add granophyric-elise user<br><br>$ lxc info --show-log granophyric-elise<br>Name: granophyric-elise<br>Remote: unix:/var/lib/lxd/unix.socket<br>Architecture: x86_64<br>Created: 2017/01/08 17:22 UTC<br>Status: Stopped<br>Type: persistent<br>Profiles: user<br><br>Log:<br><br> lxc 20170109202701.941 WARN lxc_cgmanager - cgroups/cgmanager.c:cgm_get:992 - do_cgm_get exited with error<br> lxc 20170109202702.158 ERROR lxc_start - start.c:lxc_spawn:1163 - Failed to set up id mapping.<br> lxc 20170109202702.159 ERROR lxc_start - start.c:__lxc_start:1338 - Failed to spawn container "granophyric-elise".<br> lxc 20170109202702.715 ERROR lxc_conf - conf.c:run_buffer:347 - Script exited with status 1<br> lxc 20170109202702.715 ERROR lxc_start - start.c:lxc_fini:546 - Failed to run lxc.hook.post-stop for container "granophyric-elise".<br> lxc 20170109202702.716 WARN lxc_commands - commands.c:lxc_cmd_rsp_recv:172 - command get_init_pid failed to receive response<br> lxc 20170109202702.716 WARN lxc_cgmanager - cgroups/cgmanager.c:cgm_get:992 - do_cgm_get exited with error<br> lxc 20170109202702.986 WARN lxc_cgmanager - cgroups/cgmanager.c:cgm_get:992 - do_cgm_get exited with error<br> lxc 20170109202724.006 WARN lxc_cgmanager - cgroups/cgmanager.c:cgm_get:992 - do_cgm_get exited with error<br> lxc 20170109202724.014 WARN lxc_cgmanager - cgroups/cgmanager.c:cgm_get:992 - do_cgm_get exited with error<br> lxc 20170109202724.017 WARN lxc_cgmanager - cgroups/cgmanager.c:cgm_get:992 - do_cgm_get exited with error<br><br>$ lxc profile show user<br>name: user<br>config:<br> raw.lxc: |<br> lxc.id_map =<br> lxc.id_map = u 0 1000000 499<br> lxc.id_map = g 0 1000000 499<br> lxc.id_map = u 500 1000 1<br> lxc.id_map = g 500 1000 1<br> lxc.id_map = u 501 1000501 65035<br> lxc.id_map = g 501 1000501 65035<br> user.vendor-data: |<br> #cloud-config<br> users:<br> - name: user<br> groups: sudo<br> shell: /bin/bash<br> sudo: ['ALL=(ALL) NOPASSWD:ALL']<br> # ensure users shell is installed<br> packages:<br> - bash<br> # The dhclient is a workaround for dns, see lp:1600766<br>description: allow home dir mounting for user<br>devices:<br> home:<br> path: /home/user<br> source: /home/user<br> type: disk<br>usedby:<br>- /1.0/containers/granophyric-elise<br><br></div><div>Система: p8. lxc, lxd из Сизифа.<br></div><div><br>$ rpm -q lxd<br>lxd-2.6.2-alt1<br><br></div><div><div class="gmail_signature">--<br>С уважением,<br>Бирюков Алексей<br></div>
</div></div></div></div>