Thank You Dirk for your response.
It was a permission issue and as you suggested corrected the permissions to
have unprivileged user full access to container's rootfs and it started
working.
Thanks again,
Yasoda
-- Forwarded message --
> From: Yasoda Padala
> To: lxc-users@lists.linuxcontainers.org
> Cc:
> Bcc:
> Date: Tue, 21 Aug 2018 15:37:49 +0530
> Subject: Re: [lxc-users] How can a non-root user assign unique UID/GID
> range for LXC unprivileged containers ??
> Hi Xavier,
> Thank you for your response.
> I even tried with bigger range, but still no luck.
>
> in 1st container (cont1) config,
> lxc.id_map = u 0 10 1000
> lxc.id_map = g 0 10 1000
> &
> and in 2nd container (cont2) config:
> lxc.id_map = u 0 101500 1000
> lxc.id_map = g 0 101500 1000
>
> get the same error
>
> lxc-start 20180817035100.984 ERRORlxc_conf - conf.c:mount_rootfs:798 -
> Permission denied - Failed to get real path for
> "/home/oxpd/.local/share/lxc/uidranges/rootfs".
>
> lxc-start 20180817035100.984 ERRORlxc_conf -
> conf.c:setup_rootfs:1220 - Failed to mount rootfs
> "/home/oxpd/.local/share/lxc/uidranges/rootfs" onto
> "/usr/lib/x86_64-linux-gnu/lxc" with options "(null)".
>
> lxc-start 20180817035100.984 ERRORlxc_conf -
> conf.c:do_rootfs_setup:3899 - failed to setup rootfs for 'uidranges'
>
> lxc-start 20180817035100.984 ERRORlxc_conf -
> conf.c:lxc_setup:3981 - Error setting up rootfs mount after spawn
>
> lxc-start 20180817035100.984 ERRORlxc_start -
> start.c:do_start:811 - Failed to setup container "uidranges".
>
> lxc-start 20180817035100.984 ERRORlxc_sync -
> sync.c:__sync_wait:57 - An error occurred in another process (expected
> sequence number 3)
>
> lxc-start 20180817035100.985 ERRORlxc_start -
> start.c:__lxc_start:1358 - Failed to spawn container "uidranges".
>
> lxc-start 20180817035106.524 ERRORlxc_start_ui -
> tools/lxc_start.c:main:366 - The container failed to start.
>
> lxc-start 20180817035106.525 ERRORlxc_start_ui -
> tools/lxc_start.c:main:368 - To get more details, run the container in
> foreground mode.
>
> lxc-start 20180817035106.525 ERRORlxc_start_ui -
> tools/lxc_start.c:main:370 - Additional information can be obtained by
> setting the --logfile and --logpriority options.
>
> If I try something like below:
> in 1st container (cont1) config,
> lxc.id_map = u 0 10 1000
> lxc.id_map = g 0 10 1000
>
> and in 2nd container (cont2) config:
> lxc.id_map = u 0 10 2000
> lxc.id_map = g 0 10 2000
>
> it works, but on the host both the containers created by my lxcuser has
> same userid which is 10. Hence, it is not possible to identify each
> container uniquely on host machine
>
> My query is that, is there any way a non-root user can create various
> containers and each container will have unique UserId on the host machine ??
>
> Thanks for your help,
> Yasoda
>
> From: Xavier Gendre
> To: lxc-users@lists.linuxcontainers.org
> Cc:
> Bcc:
> Date: Mon, 20 Aug 2018 09:24:31 +0200
> Subject: Re: [lxc-users] How can a non-root user assign unique UID/GID
> range for LXC unprivileged containers ??
> Hi Yasoda,
>
> only 10 ids is a bit short for a container. You should increase this
> number to cover at least the system ids 0-999. Depending on the
> distribution you run in your containers, you can be sharper and only
> involve the needed ids but they all have to be covered.
>
> Xavier
>
>
>> On Fri, Aug 17, 2018 at 9:34 AM Yasoda Padala
>> wrote:
>>
>>> Hi All,
>>> I have created non-root user on my Ubuntu (16.04) machine who creates
>>> unprivileged LXC containers.
>>> My user's uid/gid on the host is 1000.
>>> and below are the entries in /etc/subuid & /etc/subgid files
>>>
>>> /etc/subuid:
>>> lxcuser:10 65536
>>>
>>> /etc/subgid:
>>> lxcuser:10:65536
>>>
>>> My requirement is for each LXC unprivileged container, I should be able
>>> to pick a UID/GID range.
>>> For instance, I have created two LXC containers cont1 and cont2
>>> in cont1 config, I have added the below id mappings
>>> lxc.id_map = u 0 10 10
>>> lxc.id_map = g 0 10 10
>>>
>>> and in con2 config file, I have added the below id mappings
>>> lxc.id_map = u 0 100020 10
>>> lxc.id_map = g 0 100020 10
>>>
>>> cont1 starts successfullly but cont2 gives the below error while
>>> starting the container
>>>
>>> lxc-start 20180817035100.984 ERRORlxc_conf - conf.c:mount_rootfs:798
>>> - Permission denied - Failed to get real path for
>>> "/home/oxpd/.local/share/lxc/uidranges/rootfs".
>>>
>>> lxc-start 20180817035100.984 ERRORlxc_conf -
>>> conf.c:setup_rootfs:1220 - Failed to mount rootfs
>>> "/home/oxpd/.local/share/lxc/uidranges/rootfs" onto
>>> "/usr/lib/x86_64-linux-gnu/lxc" with options "(null)".
>>>
>>> lxc-start 20180817035100.984 ERRORlxc_conf -
>>> conf.c:do_rootfs_setup:3899 - failed to setup rootfs for 'uidranges'
>>>
>>> lxc-start 20180817035100.984 ERROR