Error: Failed instance creation: Failed checking if instance creation allowed: Use of low-level "raw.idmap" element 0 on profile "my_profile" of project "my_project" is forbidden
I am not sure whether this is an error or my mistake in configuring the project.
The profile configuration looks like this:
The group cluster my_group has a few incus servers assigned to them.
Notice that if I do not specify the --project my_project flag the instance is created fine and the raw.idmap is applied properly.
Thanks for the answer!
Unfortunately I cannot set that property:
$ incus project set my_project restricted.containers.lowlevel=allow
Error: Conflict detected when changing "restricted.containers.lowlevel" in project "my_project": Use of low-level "raw.idmap" element 0 on profile "my_profile" of project "my_project" is forbidden
Well, I managed to set the property using the option -p which according to the documentation “Sets the key as a project property”. I do not really understand the difference, since without the -p I thought I was setting the project properties…
$ incus project set -p my_project restricted.containers.lowlevel=allow
And indeed the property does not appear in the incus project show output despite the previous command being successful.
Anyway, I still cannot start the instance, I get the same error.
However after that I still get the same error when creating the instance:
incus create --project my_project images:fedora/40 f40-test
Creating f40-test
Error: Failed instance creation: Failed checking if instance creation allowed: Use of low-level "raw.idmap" element 0 on profile "my_profile" of project "my_project" is forbidden
It seems that despite the restricted.containers.lowlevel=allow option I still need to specify the uid and gid’s in the project properties. It is a bit inconvenient since I need to repeat what is already in the profile, but ok, at least it is working now.