Really need someone to break down the uid mapping between containers please

LXD
1

Here is my goal

  1. have a group with READ/ WRITE to all folders (this group is called SHAREWRITE)

  2. have a group with READ to ALL folders but only WRITE to ONE of the folders (this group is called SHAREREAD)

in the host machine my zfs pool looks like this: DATA/SHARE

it’s mounted to /DATA/SHARE and it contains a folder called share.

I have a container called “TBX”

and it has the following config

devices:
  sdd:
    path: /mnt/share
    source: /DATA/SHARE/share/
    type: disk

my container has the following user: debian-transmission (for the transmission client, doesn’t actually have a /home dir)

my problem is this user is constantly getting permission denied to download things to this directory
/mnt/share/Downloads

root@tbx:~# id -u debian-transmission
111

my SHAREWRITE id is 126

2

The mappings are specified in subuid and subgid. The following mapping means uid 111 is mapped to 100111 and gid 126 is mapped to 100126.

# cat /etc/subuid
lxd:100000:65536

# cat /etc/subgid
lxd:100000:65536
3

Thank you for the response

on my HOST my machine

k@SERVER:~$ sudo cat /etc/subuid && sudo cat /etc/subgid
k:100000:65536
k:100000:65536

k@SERVER:~$ cat /etc/group | grep SHARE
SHAREWRITE:x:126:k

my container user
root@tbx:~# id -u debian-transmission
111

using " Direct user/group mapping" in this page as a guideline https://blog.ubuntu.com/2017/06/15/custom-user-mappings-in-lxd-containers

stgraber@castiana:~$ printf "lxd:$(id -u):1\nroot:$(id -u):1\n" | sudo tee -a /etc/subuid
lxd:201105:1
root:201105:1

what is he doing here? he’s taking his current user and group id and adding it /etc/subuid and /etc/subgid but why add LXD and ROOT? what is this step doing? If i just want to add a group on my system like SHAREWRITE does this change anything?

stgraber@castiana:~$ printf "lxd:$(id -g):1\nroot:$(id -g):1\n" | sudo tee -a /etc/subgid
lxd:200512:1
root:200512:1

suppose this is the same question as above, what is this step doing?

i’m using the snap version of lxd if that matters