bindfs -u 1000000 -g 1000000 shifts files’ uid/gid so container can read/write.
bindfs --create-for-user=1000 --create-for-group=100 invert-shifts uid/gis so files created by container can be read/write by my daily user on host.
I hope LXD add such a feature. So we won’t have to chown our host filesystem to 1000000:1000000 to mount, then chown to normal when container jobs are done.
Rather than try to do this in userspace with FUSE, we’ve been investing time (mostly @sforshee) on an in-kernel solution for this. It’s shiftfs and we’re expecting it to ship with Ubuntu 19.04. Upstream support may take a while longer as the path to upstreaming it may be a significant rework of how Linux VFS works rather than a separate filesystem.
It’s present in Ubuntu 19.10’s kernel but currently needs manual opt-in through snap set lxd shiftfs.enable=true as overlayfs doesn’t yet work on top of shiftfs and we therefore don’t want to move everyone to it until we’re pretty sure there won’t be such regressions.
@brauner is currently working on this, so should soon be unblocked.