I’ve run into some strange problem - I’m getting nobody:nogroup (65534:65534) ownership on bind-mounted files and file-like objects (e.g. /proc, /sys, /dev/urandom, …) inside my unprivileged containers. All of them have “lxc.idmap = u 0 100000 65536” and “lxc.idmap = g 0 100000 65536” configured. The host system has correct subuid and subgid ranges for the user the containers are running under. I’ve tried Debian Buster created from template and a manually assembled NixOS distro - both have this problem, preventing them from functioning normally.
On the other hand, privileged containers with the same distros work as expected and there are no unexpected files with nobody:nogroup ownership.
I’ve only recently switched to lxc/lxcfs 3.0 and I don’t remember having this problem on 2.1. My current host is Arch with 4.16.5 kernel.
What could be the reason for such strange ownership? Any help would be greatly appreciated! Thanks in advance!
BTW: I’m not sure that the problem is entirely on the lxc side, so I’ve asked a related question on the nixos mailing list.
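One thing worth checking on the host when unprivileged containers show nobody:nogroup ownership is that the `lxc.idmap` lines in the container config really fall inside the subordinate id blocks that /etc/subuid and /etc/subgid grant to the user the containers run under. The script below does exactly that check; it is an added example, not code from the original post or from the LXC project, and the user name `ctuser`, the helper names and the constructed sample files are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original post): verify that each lxc.idmap
# line in a container config lies inside the subordinate id blocks that
# /etc/subuid and /etc/subgid grant to the user the container runs under.
# All paths are parameters, so the check runs against constructed sample
# files here and against the real /etc/subuid and /etc/subgid on a host.

# range_covered USER HOST_START COUNT SUBFILE
# Returns 0 if SUBFILE (subuid/subgid format "user:start:count") grants
# USER one block containing the whole interval [HOST_START, HOST_START+COUNT).
range_covered() {
    want_user="$1"; start="$2"; end=$(( $2 + $3 )); sfile="$4"
    while IFS=: read -r name sstart scount; do
        [ "$name" = "$want_user" ] || continue
        [ "$start" -ge "$sstart" ] && [ "$end" -le $(( sstart + scount )) ] && return 0
    done < "$sfile"
    return 1
}

# check_config USER CONFIG SUBUID SUBGID
# Prints one report line per lxc.idmap entry and returns the number of
# entries the host does not grant (0 means the mapping is fully allowed).
check_config() {
    run_user="$1"; cfg="$2"; subuid="$3"; subgid="$4"
    bad=0
    # sed reduces "lxc.idmap = u 0 100000 65536" to "u 0 100000 65536".
    # The loop reads a here-document rather than a pipe so it runs in the
    # current shell and can update $bad.
    while read -r type cid hid range; do
        [ -n "$type" ] || continue
        case "$type" in
            u) subfile="$subuid" ;;
            g) subfile="$subgid" ;;
            *) echo "skipping unknown idmap type: $type"; continue ;;
        esac
        if range_covered "$run_user" "$hid" "$range" "$subfile"; then
            echo "ok      $type: container $cid.. -> host $hid.. (+$range)"
        else
            echo "MISSING $type: host range $hid..$(( hid + range - 1 )) not granted to $run_user in $subfile"
            bad=$(( bad + 1 ))
        fi
    done <<EOF
$(sed -n 's/^[[:space:]]*lxc\.idmap[[:space:]]*=[[:space:]]*//p' "$cfg")
EOF
    return "$bad"
}

# demo: constructed sample files mirroring the post's mapping (u/g 0 ->
# 100000, 65536 ids) for an assumed user "ctuser". The second config asks
# for a gid block the host never granted. Returns 0 when the good config
# passes and the bad one is reported as missing.
demo() {
    d=$(mktemp -d)
    printf 'ctuser:100000:65536\n' > "$d/subuid"
    printf 'ctuser:100000:65536\n' > "$d/subgid"
    printf 'lxc.idmap = u 0 100000 65536\nlxc.idmap = g 0 100000 65536\n' > "$d/good.conf"
    printf 'lxc.idmap = u 0 100000 65536\nlxc.idmap = g 0 200000 65536\n' > "$d/bad.conf"
    good=0; failed=0
    check_config ctuser "$d/good.conf" "$d/subuid" "$d/subgid" && good=1
    check_config ctuser "$d/bad.conf"  "$d/subuid" "$d/subgid" || failed=1
    rm -rf "$d"
    [ "$good" = 1 ] && [ "$failed" = 1 ]
}
```

On a real host the call would be `check_config <user> /var/lib/lxc/<name>/config /etc/subuid /etc/subgid` (or the user's `~/.local/share/lxc/<name>/config` for per-user containers); a MISSING line means the kernel will refuse or skip that part of the mapping, which is one way ids inside the container end up unmapped and shown as nobody:nogroup.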