24
submitted 3 months ago* (last edited 3 months ago) by moddy@feddit.org to c/selfhosted@lemmy.world

I am moving from an debian-server (odroid) to a proxmox-server. I have a 2tb-ssd for some media in my proxmox, so that is what i did:

  1. i mounted the smaba-share from my old server in proxmox (not in the lxc "ausiobookshelf")
  2. i moved the data from the old server to the lxc-mountpoint "audiobooks" on my proxmox

This worked but now i have trouble to give permissions. In proxmox i can edit the permissions but there is no user "audiobookshelf" in the proxmox-root. In the lxc i have the user "audiobookshelf" but i have no rights to edit the permissions.

Question: What is the best solution to move data to lxc-mountpoints regarding the permissions? Should i use a systemwide user or group? Or should i mount the samba-share from the old server in the lxc?

audiobookshelf is only the beginning. SABnzbd and jellyfin will follow so i ask in common... ;)

top 7 comments
sorted by: hot top controversial new old
[-] jay@mbin.zerojay.com 10 points 3 months ago

Proxmox maps user ids between itself and lxc containers and it took me a bit of time to figure it out. I would highly suggest reading the following link as it's how I worked it out. I ended up chown'ing to 101000 which maps to user 1000 - the default user - in my lxcs.

https://www.itsembedded.com/sysadmin/proxmox_bind_unprivileged_lxc/

[-] tvcvt@lemmy.ml 3 points 3 months ago

I’m making some assumptions, namely that you’re using an unprivileged LXC container and the mount point is a bind mount.

Unprivileged LXC shift user ID numbers so that an escape won’t result in root access to the host. The root user (uid 0) in the container is actually uid 100000 from the perspective of the Proxmox host.

What I usually do is set ownership of my bind mounts to that high-numbered ID (so something like chown -R 100000:100000 /path/to/bind/mount) from Proxmox. Then the root user in the container will be able to set whatever permissions you need directly.

[-] moddy@feddit.org 1 points 3 months ago

This is the way i will go! Especially when i have a mounted directory in several different lxc's i just have to chown it this way for one time.

Thank you!

PS: I hope you can read my answer, because i do see your post only in my inbox. The thread seems almost empty. Guess it has to do with my feddit.org-account.

[-] tvcvt@lemmy.ml 1 points 3 months ago

Awesome. I’m glad it helps. I’d be a little weary of using the same directory in multiple containers. File systems may or may not behave well with multiple machines writing to them. Not saying anything bad will happen, but do keep an eye out for issues.

[-] lemmyng@lemmy.ca 1 points 3 months ago

Figure out the uid/gid (numeric) for the user in lxc, then change the data permissions to those.

[-] moddy@feddit.org 1 points 3 months ago

Or should i solve it by chmod instead of owner/group?

[-] monty33@lemmy.ml 1 points 3 months ago

I have had these permission issues in the past. Once I switched to mounting directly in the LXC they all went away.

this post was submitted on 12 Aug 2024
24 points (92.9% liked)

Selfhosted

40153 readers
269 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS