Sharing a dir with container problem

I'm running Incus on Ubuntu 24.04 and I'm trying to make a shared dir with the container.

Two things were suggested: shift:true and idmap, both of which I have problems with.

Add device

incus config device add container container-data disk source=/data/storage/data/container/ path=/data/container

Try shiftfs

incus config device set container container-data shift=true

results in an error

Error: Failed to start device "container-data": The "shift" property cannot be used with a restricted source path

Try idmap

incus config set container raw.idmap="uid 1000 103"
incus restart container

results in an error

Error: Failed to run: /usr/libexec/incus/incusd forkstart user-1000_container /var/lib/incus/containers /run/incus/user-1000_container/lxc.conf: exit status 1
Try `incus info --show-log container` for more info

Name: container
Status: STOPPED
Type: container
Architecture: x86_64
Created: 2024/07/07 15:17 UTC
Last Used: 2024/07/07 15:35 UTC

Log:

lxc user-1000_container 20240707153533.823 ERROR    conf - ../src/lxc/conf.c:lxc_map_ids:3704 - newuidmap failed to write mapping "newuidmap: uid range [103-104) -> [1000-1001) not allowed": newuidmap 8201 0 1000000 103 103 1000 1 104 1000104 999999896
lxc user-1000_container 20240707153533.823 ERROR    start - ../src/lxc/start.c:lxc_spawn:1788 - Failed to set up id mapping.
lxc user-1000_container 20240707153533.823 ERROR    lxccontainer - ../src/lxc/lxccontainer.c:wait_on_daemonized_start:878 - Received container state "ABORTING" instead of "RUNNING"
lxc user-1000_container 20240707153533.827 ERROR    start - ../src/lxc/start.c:__lxc_start:2107 - Failed to spawn container "user-1000_container"
lxc user-1000_container 20240707153533.827 WARN     start - ../src/lxc/start.c:lxc_abort:1036 - No such process - Failed to send SIGKILL via pidfd 17 for process 8201
lxc 20240707153533.884 ERROR    af_unix - ../src/lxc/af_unix.c:lxc_abstract_unix_recv_fds_iov:218 - Connection reset by peer - Failed to receive response
lxc 20240707153533.884 ERROR    commands - ../src/lxc/commands.c:lxc_cmd_rsp_recv_fds:128 - Failed to receive file descriptors for command "get_init_pid"

Project config

config:
  features.images: "true"
  features.networks: "false"
  features.networks.zones: "true"
  features.profiles: "true"
  features.storage.buckets: "true"
  features.storage.volumes: "true"
  restricted: "true"
  restricted.containers.nesting: allow
  restricted.devices.disk: allow
  restricted.devices.disk.paths: /home/user,/data/storage
  restricted.devices.gpu: allow
  restricted.idmap.gid: "1000"
  restricted.idmap.uid: "1000"
  restricted.networks.access: incusbr-1000

How can I make a user with uid 1000 on the host have some specific uid within the container? I.e. the process within the container, when writing files, should look from the host like it is using uid 1000.

One thing to note: I’m trying to do this as a normal user, not root.

What was needed was to add

root:1000:1

to /etc/subgid and /etc/subuid to make raw.idmap work
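The newuidmap failure above happens because the host id named in raw.idmap must fall inside a range that /etc/subuid (and /etc/subgid) grants to the user running incusd, which is root. The following is an added example, not code from the post or from Incus, that parses both files' formats and reports which raw.idmap entries would be refused; the subuid contents are constructed to match the log (root owning 1000000+ before the fix, plus root:1000:1 after it), and the function and file names are my own.

```python
# Added example (not from the original post or the Incus project): checks
# whether each raw.idmap entry lies inside the ranges /etc/subuid and
# /etc/subgid grant to the user running incusd (root), which is exactly
# what newuidmap/newgidmap enforce. The subuid/subgid texts below are
# constructed samples; a real check would read the two files from disk.
import re


def parse_sub_ids(text, user="root"):
    """Parse /etc/subuid-style lines 'name:start:count' into (start, end) ranges for `user`."""
    ranges = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, start, count = line.split(":")
        if name == user:
            ranges.append((int(start), int(start) + int(count)))
    return ranges


def parse_raw_idmap(text):
    """Parse raw.idmap lines '<uid|gid|both> <host> <container>' (single ids or a-b ranges)
    into (kind, host_start, host_end_exclusive) tuples; 'both' expands to uid and gid."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        kind, host, _container = parts
        m = re.fullmatch(r"(\d+)(?:-(\d+))?", host)
        if m is None or kind not in ("uid", "gid", "both"):
            raise ValueError(f"bad raw.idmap line: {line!r}")
        lo = int(m.group(1))
        hi = int(m.group(2)) if m.group(2) else lo
        for k in (["uid", "gid"] if kind == "both" else [kind]):
            entries.append((k, lo, hi + 1))
    return entries


def check_raw_idmap(raw_idmap, subuid_text, subgid_text, user="root"):
    """Return the raw.idmap entries that no subuid/subgid range of `user` fully covers."""
    allowed = {"uid": parse_sub_ids(subuid_text, user), "gid": parse_sub_ids(subgid_text, user)}
    return [(kind, lo, hi) for kind, lo, hi in parse_raw_idmap(raw_idmap)
            if not any(s <= lo and hi <= e for s, e in allowed[kind])]


# Constructed samples: root's default range from the log, then the added root:1000:1 line.
SUBUID_BEFORE = "root:1000000:1000000000\n"
SUBUID_AFTER = SUBUID_BEFORE + "root:1000:1\n"

if __name__ == "__main__":
    print(check_raw_idmap("uid 1000 103", SUBUID_BEFORE, SUBUID_BEFORE))  # [('uid', 1000, 1001)]
    print(check_raw_idmap("uid 1000 103", SUBUID_AFTER, SUBUID_AFTER))    # []
```

Running the check against the file contents before editing them predicts the "uid range [103-104) -> [1000-1001) not allowed" refusal in the log; with the root:1000:1 line present, nothing is rejected.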