I would like to increase the range of idmapping from the default 1000000000 to 2000000000. I tried setting the security.idmap.size=2000000000
and security.idmap.base=1000000
, but after a container restart the mapping is still the default base of 1000000 and range of 1000000000. If I also set security.idmap.isolated=true
then my specified mapping size and base are used, but I do not actually want the idmapping to be isolated.
When I try to configure my desired idmapping using raw.idmap
.
# lxc config set timemachine raw.idmap="both 1000000-2000999999 0-1999999999"
Error: Failed to get ID map: Host id is in the range of subids
# lxc config set timemachine raw.idmap="both 1000000-1000999999 0-999999999"
Error: Failed to get ID map: Host id is in the range of subids
I thought the second should be equivalent to the default base of 1000000 and range of 1000000000, so it is unclear why this is not allowed. Is there a way to change with idmapping range without isolation?
# snap list lxd
Name Version Rev Tracking Publisher Notes
lxd 4.19 21723 4.19/stable canonical✓ -