Proxmox LXC Granular Mountpoint Helper
This tool generates precise lxc.idmap entries for mounting a host directory into an unprivileged LXC container with specific UID/GID ownership, following the Proxmox wiki's recommended mapping strategy.
For more information, please consult the Unprivileged LXC containers page at the Proxmox wiki.
Generated Configuration:
Important Notes:
- Stop the LXC container before editing its configuration file.
- Always backup configuration files before making changes.
- The user running the container manager (usually `root`) must be authorized for the specified host UID/GID ranges in `/etc/subuid` and `/etc/subgid`.
- Ensure the `Base Host UID/GID for Container's general mapping` (e.g., 100000) and the `Host UID/GID for the mount` (e.g., 1000) do not cause conflicts with existing critical system UIDs/GIDs on the host.
- The mount point `mp0` is used by default. If you have other mount points, increment the number (e.g., `mp1`, `mp2`).
- Review all generated configurations carefully.
1. Prepare Host Directory (run on Proxmox Host):
2. Ensure Host UID/GID Availability (Proxmox Host):
The following lines (or existing lines that cover these ranges) should be present in /etc/subuid for the user `root` (or the user managing LXC):
And similarly, in /etc/subgid:
If you modify `/etc/subuid` or `/etc/subgid`, changes are typically picked up by `pct` for new operations. A host reboot ensures all services are aware, but may not be strictly necessary.
3. Edit LXC Container Configuration:
Add/modify these lines in on the Proxmox Host:
4. Verification (after starting the container):
- Inside LXC:
ls -ln (should show Guest UID/GID: )
- On Host:
ls -ln (should show Host UID/GID: )