by Helmut10001
5 days ago
Yeah, I ran into the same wall when setting the system up. I then reverted to the standard mount utility, which also supports id-mapping. But it is really not that well known. See the links in the article that point to the source of the idea.

> Network file systems can cause UID/GID mismatches and add network overhead. With VirtIO-FS, I use the Linux kernel's Virtual File System to translate the hypervisor's UID to the guest's unprivileged UID. This avoids exposing the host file structure. I utilize the `X-mount.idmap` fstab option for this. Documentation on this specific implementation is not easy to find. It builds upon the idmapped mounts feature introduced by Christian Brauner in Linux 5.12 [1] and its later integration with util-linux v2.39 into the standard `mount` utility [2].

[1]: https://github.com/brauner/mount-idmapped + https://docs.kernel.org/filesystems/idmappings.html
[2]: https://github.com/systemd/systemd/releases/tag/v254
|
|
I think I may have complicated things by using linuxserver.io images which already require some id mapping trickery on the rootless podman side as they expect to run as root...