Welcome to the Linux Foundation Forum!

lxc_map_ids: 3668 newuidmap failed to write mapping "newuidmap: uid range [0-1) -> [231072-231073) n

alireza1222
alireza1222 Posts: 2
in LFS253 Class Forum

Here is my defualt.conf: cat ~/.config/lxc/default.conf

lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
lxc.idmap = u 0 231072 65536
lxc.idmap = g 0 231072 65536

getting the following error after running: lxc-create --template download --name unpriv-cont-user

lxc-create: unpriv-cont-user: conf.c: lxc_map_ids: 3668 newuidmap failed to write mapping "newuidmap: uid range [0-1) -> [231072-231073) not allowed": newuidmap 47807 0 231072 1 1001 1001 1
lxc-create: unpriv-cont-user: conf.c: userns_exec_mapped_root: 5552 Error setting up {g,u}id mappings for child process "47807"
lxc-create: unpriv-cont-user: utils.c: wait_exited: 344 Child terminated with error 1
lxc-create: unpriv-cont-user: lxccontainer.c: do_create_container_dir: 1234 No such file or directory - Failed to chown rootfs "/home/student/.local/share/lxc/unpriv-cont-user"
lxc-create: unpriv-cont-user: lxccontainer.c: __lxcapi_create: 1817 Failed to create container unpriv-cont-user
lxc-create: unpriv-cont-user: tools/lxc_create.c: main: 317 Failed to create container unpriv-cont-user

Comments

  • chrispokorni
    chrispokorni Posts: 2,606

    Hi @alireza1222,

    To help better understand your environment please provide the cloud provider or hypervisor used to provision the VM, and the outputs of the following commands:

    whoami

    cat /etc/lxc/lxc-usernet

    cat /etc/subuid

    cat /etc/subgid

    getfacl -n ~/.local

    Regards,
    -Chris

  • robertfreemanday
    robertfreemanday Posts: 7

    @chrispokorni - I am running into this issue as well and happy to provide the details to carry it to completion for others.

    student@lfs253:~$ lxc-create --template download --name unpriv-cont-user
lxc-create: unpriv-cont-user: conf.c: lxc_map_ids: 3672 newuidmap failed to write mapping "newuidmap: uid range [0-1) -> [231072-231073) not allowed": newuidmap 832 0 231072 1 1001 1001 1
lxc-create: unpriv-cont-user: conf.c: userns_exec_mapped_root: 5557 Error setting up {g,u}id mappings for child process "832"
lxc-create: unpriv-cont-user: utils.c: wait_exited: 347 Child terminated with error 1
lxc-create: unpriv-cont-user: lxccontainer.c: do_create_container_dir: 1234 No such file or directory - Failed to chown rootfs "/home/student/.local/share/lxc/unpriv-cont-user"
lxc-create: unpriv-cont-user: lxccontainer.c: __lxcapi_create: 1817 Failed to create container unpriv-cont-user
lxc-create: unpriv-cont-user: tools/lxc_create.c: main: 317 Failed to create container unpriv-cont-user
student@lfs253:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.3 LTS
Release:    22.04
Codename:   jammy
student@lfs253:~$ whoami
student
student@lfs253:~$ cat /etc/lxc/lxc-usernet 
# USERNAME TYPE BRIDGE COUNT
student veth lxcbr0 10
student@lfs253:~$ cat /etc/subuid
ubuntu:100000:65536
student:165536:65536
student@lfs253:~$ cat /etc/subgid
ubuntu:100000:65536
student:165536:65536
student@lfs253:~$ getfacl -n ~/.local
getfacl: Removing leading '/' from absolute path names
# file: home/student/.local
# owner: 1001
# group: 1001
user::rwx
user:231072:--x
group::rwx
mask::rwx
other::r-x

student@lfs253:~$ uname -a
Linux lfs253 5.15.0-1039-kvm #44-Ubuntu SMP Tue Jul 25 10:12:11 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
  • robertfreemanday
    robertfreemanday Posts: 7

    I will also add that I am getting it on 20.04. I just created a fresh VM and it is the same issue.

  • chrispokorni
    chrispokorni Posts: 2,606

    Hi @robertfreemanday,

    Please share the contents of ~/.config/lxc/default.conf

    Regards,
    -Chris

  • robertfreemanday
    robertfreemanday Posts: 7

    Certainly!

    student@lfs253-2004:~$ cat ~/.config/lxc/default.conf 
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
lxc.idmap = u 0 231072 65536
lxc.idmap = g 0 231072 65536
  • robertfreemanday
    robertfreemanday Posts: 7
    edited August 2023

    @chrispokorni , another thing I noticed. In browsing the lab, I just decided to do a simple lxc ls and got the following:

    student@lfs253-2004:~$ lxc ls
If this is your first time running LXD on this machine, you should also run: lxd init
To start your first container, try: lxc launch ubuntu:20.04
Or for a virtual machine: lxc launch ubuntu:20.04 --vm

Error: Get "http://unix.socket/1.0": dial unix /var/snap/lxd/common/lxd/unix.socket: connect: permission denied

    I am going to run the lxd init since it wasn't suggested in the lab and see if that fixes things. Will report back here. If it does work, maybe an edit is in order?

    Thanks and talk soon!
    Robert

    EDIT: Nope, that didn't work...

    student@lfs253-2004:~$ lxd init
Error: Failed to connect to local LXD: Get "http://unix.socket/1.0": dial unix /var/snap/lxd/common/lxd/unix.socket: connect: permission denied

    I note it is wanting a snap directory and didn't think we were using snaps for this lab.

  • chrispokorni
    chrispokorni Posts: 2,606

    Hi @robertfreemanday,

    I would recommend correcting ~/.config/lxc/default.conf with your student user subuid and subgid, extracted from your /etc/subuid and /etc/subgid.

    Regards,
    -Chris

  • robertfreemanday
    robertfreemanday Posts: 7

    @chrispokorni Ah HA! Classic blindly copypasta error on my part. I would suspect the OP may have also done the same thing. I would suggest a slight update in the labs to note that a subuid/subgid may be different. Otherwise, I will definitely read closer and this can be marked solved for future people!

Categories

Upcoming Training