The max UID in lxd container

I found this link (https://github.com/lxc/lxd/issues/2784) titled “the max UID in lxd container” that explains the problem I was having when I set my LDAP server to use uidNumber values between 80000 and 90000. Stéphane Graber mentioned “On most such systems, I just change the LXD map size from “65536” to “1000000” which will allow containers to use from uid 0 to uid 999999, typically way enough to fix the problem.”

Are there any downsides to making this change?

Thanks.
John

Depends on how your LXD is installed. If it’s the deb package, then you’ll want to bump the 65536 in /etc/subuid and /etc/subgid to something bigger; 10000000 should do. Once done, restart the LXD daemon with systemctl restart lxd.

If using the snap, then you should already have enough uid/gid unless you’ve got security.idmap.isolated=true set, in which case you’ll need to bump security.idmap.size to whatever allocation size you need for your container, then restart the container.


Thanks, Stéphane.

John

What will it be if compiling from source code?

Depends if your distribution has /etc/subuid, /etc/subgid and the tools that come with them (newuidmap/newgidmap).
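A way to check whether the ranges in /etc/subuid and /etc/subgid are large enough for the highest uidNumber in use, as an added example that is not part of the original thread. The function names, the choice of the root entry, and the sample file contents are assumptions made for illustration; only the largest single range per owner is considered.

```shell
#!/bin/sh
# Added example: is the subordinate ID range big enough for a given container id?
# File format (subuid/subgid): owner:first_host_id:count

# Print the largest count allocated to OWNER in FILE (0 if there is no entry).
subid_max_count() {
    file=$1 owner=$2
    awk -F: -v o="$owner" '
        NF == 3 && $1 == o && $3 + 0 > max { max = $3 + 0 }
        END { printf "%d\n", max }' "$file"
}

# Succeed if OWNER's range covers container ids 0..HIGHEST.
# A range of N ids maps container ids 0..N-1, so N must exceed HIGHEST.
subid_covers() {
    file=$1 owner=$2 highest=$3
    count=$(subid_max_count "$file" "$owner")
    [ "$count" -gt "$highest" ]
}

# Check both files; return non-zero if either range is too small.
check_idmap() {
    owner=$1 highest=$2 subuid=${3:-/etc/subuid} subgid=${4:-/etc/subgid}
    rc=0
    for f in "$subuid" "$subgid"; do
        n=$(subid_max_count "$f" "$owner")
        if subid_covers "$f" "$owner" "$highest"; then
            echo "OK   $f: $owner has $n ids, id $highest is mapped"
        else
            echo "FAIL $f: $owner has $n ids, id $highest is unmapped"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample with a 65536-id range, not read from a real host.
sample=$(mktemp)
printf 'lxd:100000:65536\nroot:100000:65536\n' > "$sample"
# 90000 is the top of the LDAP uidNumber range mentioned in the question.
check_idmap root 90000 "$sample" "$sample" \
    || echo "-> raise the 65536 in both files, then: systemctl restart lxd"
rm -f "$sample"
```

On a real host, run check_idmap root 90000 with no file arguments to read /etc/subuid and /etc/subgid directly.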