Correct unsymmetric uid- and gid-mapping for file sharing between LXC and host?


I have a proxmox system with LXC-containers running.
In general, they work great!

However, I am not able to create a proper connection between the host and a unprivilleged container to exchange data.

Please consider the following:
There are two users which exist on a LXC-System as well as on the host:

user_a: uid=1000; gid=1000 
postgres: uid: 109; gid=115 
user_a: uid=1010; gid=1010 
postgres: uid=1011; gid=1011

Without a user mapping files can be exchanged between LXC and host but the problem is that they belong to “nobody” and “nogroup” and not to the correct users.

I tried one mapping for the user “postgres”:

lxc.idmap: u 0 100000 109
lxc.idmap: g 0 100000 115
lxc.idmap: u 109 1011 1
lxc.idmap: g 115 1011 1
lxc.idmap: u 110 100110 65426
lxc.idmap: g 116 100116 65420

In “/etc/subuid” and “/etc/subgid” I have added:

However, this leads to the problem that files in local and unshared LXC folders start to belong to “nobody” and “nogroup”.

What am I doing wrong?
How would the correct mapping including both users look like?


I have the exact same problem - I thought changing this mapping only affects how files are seen on the host, not locally within the container…