Hi, I'm new on the list, so hello to all.
While experimenting with unprivileged containers (@stgraber: thanks for the excellent howtos) I discovered a phenomenon I can't explain to myself.

Debian Stretch
lxc 2.0.7-2: amd64
btrfs filesystem

I converted a container I bootstrapped as root from a Debian Stretch template to an unprivileged container for a user "lxcuser".

    cp -a /var/lib/lxc/deb_template /home/lxcuser/.local/share/lxc/

After that I changed the uids of the new rootfs according to the subuids of lxcuser. After fixing file permissions and configuration everything works fine.

Now the interesting things: when cloning the new container as the user lxcuser with

    lxc-copy -n deb_template -N cont1

everything works as expected. The new rootfs of cont1 got the right uids.

But if I do the same as a snapshot

    lxc-copy -n deb_template -N cont2 -s

I get the error

    newgidmap: write to gid_map failed: Invalid argument
    error mapping child setgid: Invalid argument
    sed: couldn't open temporary file /home/lxcuser/.local/share/lxc/cont3/rootfs/etc/sed6iYKSh: Permission denied
    lxc-copy: lxccontainer.c: clone_update_rootfs: 3011 Permission denied - unable to open /usr/lib/x86_64-linux-gnu/lxc/rootfs/etc/hostname: ignoring

AND: all files in cont3/rootfs/ now belong to root!!

If I do the same with the first copied container (without snapshot) "cont1", again everything works fine except for the following error:

    newgidmap: gid range [231072-231073) -> [462144-462145) not allowed
    error mapping child setgid: Invalid argument

Any ideas?

Best Regards
Jan
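Added example, not part of the original post and not LXC or shadow code: a small check that splits the quoted "gid range ... not allowed" message into its container-side and host-side ids and tests the host side against a user's /etc/subgid delegation, which is the containment test newgidmap applies. The subgid line for lxcuser (231072:65536) is an assumption taken from the number in the error, and all function names are hypothetical.

```python
import re

# Constructed sample: the post does not show lxcuser's /etc/subgid entry.
# 231072:65536 is an assumption based on the id in the quoted error.
SAMPLE_SUBGID = "lxcuser:231072:65536\n"
# Error line quoted in the post.
ERROR_LINE = "newgidmap: gid range [231072-231073) -> [462144-462145) not allowed"
RANGE_RE = re.compile(r"gid range \[(\d+)-(\d+)\) -> \[(\d+)-(\d+)\) not allowed")

def parse_subid(text, user):
    """Return [(start, count), ...] delegated to user in subuid/subgid text."""
    ranges = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) == 3 and parts[0] == user:
            ranges.append((int(parts[1]), int(parts[2])))
    return ranges

def parse_denied(line):
    """Split the message into (container_id, host_id, count)."""
    m = RANGE_RE.search(line)
    if not m:
        raise ValueError("not a newgidmap range error")
    inner_lo, inner_hi, outer_lo, outer_hi = map(int, m.groups())
    if inner_hi - inner_lo != outer_hi - outer_lo:
        raise ValueError("inconsistent range lengths")
    return inner_lo, outer_lo, inner_hi - inner_lo

def host_range_allowed(host_id, count, allocations):
    """True if [host_id, host_id + count) fits inside one delegated range."""
    return any(s <= host_id and host_id + count <= s + c for s, c in allocations)

def explain(line, subid_text, user):
    """Relate one denied mapping to the user's delegated ranges."""
    inner, outer, count = parse_denied(line)
    alloc = parse_subid(subid_text, user)
    return {
        "container_id": inner,
        "host_id": outer,
        "offset": outer - inner,
        # Host side must lie inside a delegated range to be accepted.
        "allowed": host_range_allowed(outer, count, alloc),
        # True when the container-side id is itself a value from the
        # delegated host range rather than a small in-container id.
        "container_id_in_host_range": host_range_allowed(inner, count, alloc),
    }

if __name__ == "__main__":
    print(explain(ERROR_LINE, SAMPLE_SUBGID, "lxcuser"))
```

Under the assumed delegation the requested host gid 462144 lies outside 231072-296607, and the container-side id 231072 is itself a value from that host range.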
