Security.privileged true needed with shift=true on some systems/containers

I believe the issue resulted from enabling shiftfs - which isn’t needed any longer on Ubuntu kernels > 5.12 if using a supported file system - on a kernel 5.15 system which has idmapped_mounts enabled.

I unset the shiftfs key in the snap, reloaded the lxd snap, unset security.privileged in the containers and then removed and re-added (without the key shift=true) the folder to be shared. Now it all works as it should, except the shared folder shows up with owner:group of nobody:nogroup. So, I added a raw.idmap to the container and the mapping works now as expected.

The folder I’m sharing originates as a cifs shared folder on TrueNAS (and the underlying file system there is zfs), which is mounted as a shared folder on my lxd host. In turn, I then shared it with the container… I’m presuming the underlying zfs file system (currently not supported by idmapped_mounts) is why I needed to add the raw.idmaps and that idmapped_mounts didn’t automatically just work.

Is there a way to use shiftfs still on kernels that support idmapped_mounts and not require a privileged container?
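As an added example that is not part of the post above, the Python below audits the structure that `lxc config show <container>` prints for the combination described here (security.privileged=true plus a disk device with shift=true) and derives the unprivileged replacement the poster ended up with: drop the privileged flag, re-add the disk without shift, and map the host owner with raw.idmap. The container name, paths and host uid/gid 1000 are constructed sample values.

```python
# Added example: flag the privileged + shift=true pattern in an LXD container
# config and emit the unprivileged raw.idmap alternative. SAMPLE is a
# constructed config in the shape `lxc config show` prints (not from the post).

def shifted_disks(cfg: dict) -> list:
    """Names of disk devices that rely on shift=true."""
    return [n for n, d in cfg.get("devices", {}).items()
            if d.get("type") == "disk"
            and str(d.get("shift", "false")).lower() == "true"]

def is_privileged(cfg: dict) -> bool:
    """True when container root is mapped to host root (security.privileged)."""
    value = cfg.get("config", {}).get("security.privileged", "false")
    return str(value).lower() == "true"

def raw_idmap_entry(host_uid: int, host_gid: int, ctr_id: int) -> str:
    """raw.idmap value: '<both|uid|gid> <host id> <container id>'."""
    if host_uid == host_gid:
        return f"both {host_uid} {ctr_id}"
    # Differing host uid/gid need two lines (quote accordingly in a shell).
    return f"uid {host_uid} {ctr_id}\ngid {host_gid} {ctr_id}"

def remediation(name: str, cfg: dict, host_uid: int, host_gid: int,
                ctr_id: int = 1000) -> list:
    """lxc commands that replace privileged/shift with an unprivileged idmap."""
    cmds = []
    if is_privileged(cfg):
        cmds.append(f"lxc config unset {name} security.privileged")
    for dev in shifted_disks(cfg):
        d = cfg["devices"][dev]
        # Remove and re-add the device without shift=true, as in the post.
        cmds.append(f"lxc config device remove {name} {dev}")
        cmds.append(f"lxc config device add {name} {dev} disk "
                    f"source={d['source']} path={d['path']}")
    if cmds:
        entry = raw_idmap_entry(host_uid, host_gid, ctr_id)
        cmds.append(f'lxc config set {name} raw.idmap "{entry}"')
    return cmds

# Constructed sample: a privileged container sharing a host folder with shift.
SAMPLE = {
    "config": {"security.privileged": "true"},
    "devices": {"share": {"type": "disk", "source": "/mnt/truenas/share",
                          "path": "/srv/share", "shift": "true"}},
}

if __name__ == "__main__":
    for cmd in remediation("c1", SAMPLE, host_uid=1000, host_gid=1000):
        print(cmd)
```

raw.idmap only works if the host uid/gid being mapped is allowed for the LXD root user in /etc/subuid and /etc/subgid (e.g. `root:1000:1`), and the container must be restarted for the new mapping to apply.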