I have multiple websites instances and each one has its own unprivileged container. Website data is at
/web directory that is an unshifted mount from the host. At host I can the files are owned by some user at eg.
/mnt/NVME1/webdata/site1 that represents the
www-data user of the container.
In order to provide FTP access to the files of each website I’m running Pure-FTPd on the host. I can define users for FTP access, point them at the appropriate host’s folder where each website’s data is stored and tell it to read/write files with the specific UID/GID that matches the
www-data of the container.
Now, I want to move Pure-FTPd to its own container, how can I keep it unprivileged and mount the folder where all the websites are stored while keeping the users UID/GID as the host seems them?
If I simply add a device like:
lxc config device add pureftpd webdata disk source=/mnt/NVME1/webdata path=/mnt/webdata
They’ll all show up as
nobody:nogroup. What can I do here?