Hi there,
I have an LXC host with several containers accessing the same directory on the host, e.g.: an SFTP server where (UNIX-mapped) users can drop contents, and a processor watching the same directory for new contents and generating artifacts and a report on the same directory. The shared directory is on the host and both containers need write access to it.
I have mounted the directory on both hosts via LXC config, but the permissions are set to nobody:nobody, as the user is not mapped on the guests, so I cannot give both guests write permissions to the mounted directory without making it world-writable.
My containers are unprivileged and I am using different sub-uid and sub-gid ranges for each container.
I tried to use the uid and gid mount options, but they don't seem to have any effect:
lxc.mount.entry = /data/volumes/ftp/pkar_dropboxes/pkar_test data/pkar/watch/pkar_test none bind,rw,create=dir,uid=1000,gid=967 0 0

What is the best way to share this folder with the same permissions on local users?
One solution that may work would be creating a common user on the host and map sub-id and sub-gid to that user. However, I have several of these shared folders among different users, and I am concerned that adding local users on the host may become complicated to manage and create opportunities for a break-in.
Any suggestions?
Thanks,
gm
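Why the bind-mounted directory shows up as nobody:nobody in both guests, as an added example that is not part of the original post: it translates a host-side owner through each container's `lxc.idmap` ranges, and also through a hypothetical variant in which one host gid is mapped into both containers. The base ranges 100000 and 200000 and the host ownership 1000:967 are assumptions made for illustration.

```python
# Added example: translate a host-side owner id into each unprivileged
# container's user namespace from lxc.idmap entries. All ids are constructed.
OVERFLOW_ID = 65534  # kernel default overflow uid/gid, displayed as "nobody"


def parse_idmap(config_text):
    """Collect lxc.idmap lines into {'u': [...], 'g': [...]} range lists."""
    maps = {"u": [], "g": []}
    for line in config_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line.startswith("lxc.idmap"):
            continue
        kind, ct_start, host_start, count = line.split("=", 1)[1].split()
        maps[kind].append((int(ct_start), int(host_start), int(count)))
    return maps


def host_to_container(ranges, host_id):
    """Return the id the container sees for host_id, or the overflow id."""
    for ct_start, host_start, count in ranges:
        if host_start <= host_id < host_start + count:
            return ct_start + (host_id - host_start)
    return OVERFLOW_ID


def owner_seen_by(config_text, host_uid, host_gid):
    """Return the (uid, gid) a container sees for a host-owned file."""
    maps = parse_idmap(config_text)
    return (host_to_container(maps["u"], host_uid),
            host_to_container(maps["g"], host_gid))


# Constructed configs: two containers with disjoint sub-id ranges.
SFTP_CT = "lxc.idmap = u 0 100000 65536\nlxc.idmap = g 0 100000 65536\n"
PROC_CT = "lxc.idmap = u 0 200000 65536\nlxc.idmap = g 0 200000 65536\n"


def with_shared_gid(base, gid=967):
    """Hypothetical variant: pass one host gid through unchanged."""
    return (f"lxc.idmap = u 0 {base} 65536\n"
            f"lxc.idmap = g 0 {base} {gid}\n"
            f"lxc.idmap = g {gid} {gid} 1\n"
            f"lxc.idmap = g {gid + 1} {base + gid + 1} {65536 - gid - 1}\n")


if __name__ == "__main__":
    for name, base, cfg in (("sftp", 100000, SFTP_CT), ("proc", 200000, PROC_CT)):
        print(name, "disjoint:", owner_seen_by(cfg, 1000, 967))
        print(name, "shared gid:", owner_seen_by(with_shared_gid(base), 1000, 967))
```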