Can the host itself write to the file share? You can check this by trying to create a file in it via the host's shell. If it can't write to it the container won't be able to either.
this post was submitted on 03 Mar 2025
23 points (92.6% liked)
Selfhosted
46672 readers
1681 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
That reddit thread is horrible advice, it's just mapping the LXC root user to the host root user, which is just a privileged LXC with extra steps (and maybe less secure).
The reason you're probably having issues is that your root user in the LXC is mapped to the host user 100000 by default, and that user doesn't have access to the share, but you can change that with mount options or creating a user with 100000:100000 and adding it to a group with access.
This makes sense, I'll investigate this when I'm back home.
I'm leaving this here for continuity, but don't follow what I said here. I have my containers set as privileged. I was wrong.
I have a server that runs Proxmox and a server that runs TrueNAS, so a very similar setup to yours. As long as your LXC is tied to a network adapter that has access to your file server (it almost certainly is unless you're using multiple NICs and/or VLANs), you should be able to mount shares inside your LXC just like you do on any other Linux machine.
Can you ping your fileserver from inside the container? If so, then the issue is with the configuration in the container itself. Privileged or unprivileged shouldn't matter here. How are you trying to mount the CIFS share?
Edit: I see that you're mounting the share in Proxmox and mapping it to your container. You don't need to do this. Just mount it in the container itself.
I can ping the fileserver and reach I can map the drive from calibre for example but it does not have write persmissions.
Maybe I am mounting incorrectly I mounted with mount -t cifs username=username \\fileserverIP\folder \mnt\smb_share
This works for 1 of my lxc that is privileged but does not work the unprivileged ones
I'm sorry, I think I gave you bad information. I have my containers set to unprivileged=no. I forgot about the "double negative" in how that flag was described.
So apparently my containers are privileged, so I don't think I've ever tried to do what you are doing.
No problem, as far as I can understand that is the easiest solution I don't see the problem with privileged containers if they are local in your network. I think I will test with NFS instead of smb/cifs and check the user access as @gaylord_fartmaster@lemmy.world mentioned above.
Can you mount SMB shares in unprivliged containers? I thought that was blocked.
I believe you're correct. I didn't realize that I had my containers set to privileged. That would explain why I've never had issues with mounting shares.
Is their a reason why you want to run cifs? I would run NFS3, it’s much faster plus smb /cifs is more for file share between windows and Linux.
There is no reason as far as I learn more this was probably not the best way to set it up but I was just following guides to learn. The goal in the future is to build a bigger storage server and run something like TrueNas. I will look into NFS3 though it could solve some of my problems with the current setup.
There are other things to consider as well. Nfsv3 is good for large sequential reads/writes. There are no multichannel in nfs3 and no caching , and you should adapt technology to the use-case. For vm storage nfs sucks while for movie storage it works great.
For general file storage I would pick smbv3 for speed and ease of user/security