How to bind mount Proxmox NAS ( SMB / NFS / CIFS shares on OpenMediaVault, TrueNAS, Unraid VM etc) running on Virtual Machine and Unprivileged LXC container so that LXC container can WRITE back to the NAS? We will see today how it can be done. In one of the previous videos we already went through the process of adding media library kept in OpenMediaVault Shared Folder and bind mount it on Jellyfin LXC unprivileged container ( were both OMV and Jellyfin were running on Proxmox ): th-cam.com/video/aEzo_u6SJsk/w-d-xo.html In that video - as you noticed - the LXC container had only READ permissions on that remote Shared Folder, we could not write from LXC container to OMV running on Virtual Machine. This is default behaviour and today we will see why is that and what we need to change to be able to also WRITE from any LXC container to any Virtual Machine. Please also see another video where I created a bash script that does all of that automatically every time when you restart Proxmox: th-cam.com/video/Hu1fY0-FvVE/w-d-xo.html ===TIMESTAMPS=== 0:00 read AND WRITE from unprivileged LXC container to Proxmox VM 1:15 OpenMediaVault VM shared folder configuration 2:10 mount OMV shared folder to Proxmox 7:20 create LXC container 11:10 the reason why you cant write from unprivileged container to Proxmox VM 13:30 how to read AND WRITE from unprivileged container for root user 18:15 read and WRITE from unprivileged container as other user 19:10 create a user on LXC container 22:15 not only Proxmox, it works for all linux distributions Hope that helps. Please let me know if you have any questions Marek
What if however I wanted to pass PVE /mnt/minipc to the LXC at /shared and provide multiple users access? marek = RW, autoavenue = R, User1 = RW - if each user gets a U.id and a G.id and we use those to set the mount configuration - doesn’t that limit you to the specific U.id and G.id? Or, what if /mnt/minipc already exists and we want to broker its connection to multiple LXCs? Absolutely fabulous guide - very clear and elegant. I ran across it when trying to figure out how to pass /dev/dri to an unprivileged LXC and give the user in the container the rights to use the device (iGPU pass through for HW transcode) but the solution in the LXC also mounted multiple items in docker in the LXC. I was able to make it work by changing it to a privileged container (validating that it was a permissions issue not a technological one), but I would like to know how to pass an existing device or share to an unprivileged LXC and give it the rights it needs. Thanks!
Hi! To achieve that you might be looking into changing the mappings between host and LXC id's , I mean something like here in this article: itsembedded.com/sysadmin/proxmox_bind_unprivileged_lxc/ That will allow you manage more than one user. Thank you for watching and commenting! Marek
Thank you for guide. Have you been able to setup nested share in OMV? Parentfolder, childfolder.. Nas/doc, Nas/media. And doing that setting permission/acl to where certain users or app can read or write to the child folder only. And not whole share mount.
You can"t use fstab unless you use start delay for OMV. The problem with mounting after reboot was discussed and I created srparate video about it: th-cam.com/video/Hu1fY0-FvVE/w-d-xo.html Thank you for watching :) Marek
Very good videos and explanation but i have one problem and i dont know how to solve it. The scirpt wont mount the share and it gives mount error(115) but if i do it manually in the terminal it works without problem. Can there be any permission problem for the cron that cant execute the mount operation?
Don't think that would come from permission problem tbh. Not sure what your script looks like, but I would first try to unmount it and write a script with sleep commands in between, something like in this video: th-cam.com/video/Hu1fY0-FvVE/w-d-xo.html I noticed networking stack to be a bit laggy sometimes, but this is just my guess. Please have a go and let me know if that helped. Thank you for watching. Marek
@@Automation-Avenue i commented on a wrong video :) everything is exactly as in that video and i cant find solution to it , but will try to dig deeper ... thank you
Hello Automation Avenue, I hope you are well. I visited your TH-cam Channel. Your content is Excellent. But your Channel is not growing, Because your Content title and Description are not SEO-friendly and do not have Enough Rank tags. This is why there is no Content Coming to the top of TH-cam. As a result, your video SEO Score is very low, according to VidiQ, (your channel's video's SEO score is 0 / out of 100, which should be 90+). If you want, I can make it 90+, which will help your channel grow faster. If you SEO your videos Properly then the Channel Progress will be very Fast & Subscribers and Views will Increase. If you want I can solve problems and help you rank your videos Better. If you are Interested Please Let me know. Regards, Nazmun (TH-cam Video SEO Expert).
How to bind mount Proxmox NAS ( SMB / NFS / CIFS shares on OpenMediaVault, TrueNAS, Unraid VM etc) running on Virtual Machine and Unprivileged LXC container so that LXC container can WRITE back to the NAS?
We will see today how it can be done.
In one of the previous videos we already went through the process of adding media library kept in OpenMediaVault Shared Folder and bind mount it on Jellyfin LXC unprivileged container ( were both OMV and Jellyfin were running on Proxmox ):
th-cam.com/video/aEzo_u6SJsk/w-d-xo.html
In that video - as you noticed - the LXC container had only READ permissions on that remote Shared Folder, we could not write from LXC container to OMV running on Virtual Machine.
This is default behaviour and today we will see why is that and what we need to change to be able to also WRITE from any LXC container to any Virtual Machine.
Please also see another video where I created a bash script that does all of that automatically every time when you restart Proxmox:
th-cam.com/video/Hu1fY0-FvVE/w-d-xo.html
===TIMESTAMPS===
0:00 read AND WRITE from unprivileged LXC container to Proxmox VM
1:15 OpenMediaVault VM shared folder configuration
2:10 mount OMV shared folder to Proxmox
7:20 create LXC container
11:10 the reason why you cant write from unprivileged container to Proxmox VM
13:30 how to read AND WRITE from unprivileged container for root user
18:15 read and WRITE from unprivileged container as other user
19:10 create a user on LXC container
22:15 not only Proxmox, it works for all linux distributions
Hope that helps.
Please let me know if you have any questions
Marek
Thank you very much for sharing, exactly what I was looking for.
Thank you for your effort in explaining it so clearly. Greetings from Spain
Glad I could help :)
Marek
Find your channel recently. Thanks for the useful, easy explanations.
Glad I can help!
Thank you for watching :)
Marek
It is really great explainer. Nothing more, nothing less.
Thanks a lot for sharing your experience.
I am really happy I could help.
Thank you for watching and for your comment :)
Marek
Thank you, best Video for NAS and Proxmox
Glad you liked it!
Marek
This has been absolutely spot, i able able to download file using qbittorrent in an lxc and passing the files straight to my Samba Shared folder😄😄😄😄
Glad I could help :)
Thank you for watching and commenting
Marek
Interesting, I was able to configure this but shares doesnt see completed files from lxc. And the lxc is the only one that sees the new files.
What if however I wanted to pass PVE /mnt/minipc to the LXC at /shared and provide multiple users access? marek = RW, autoavenue = R, User1 = RW - if each user gets a U.id and a G.id and we use those to set the mount configuration - doesn’t that limit you to the specific U.id and G.id? Or, what if /mnt/minipc already exists and we want to broker its connection to multiple LXCs?
Absolutely fabulous guide - very clear and elegant. I ran across it when trying to figure out how to pass /dev/dri to an unprivileged LXC and give the user in the container the rights to use the device (iGPU pass through for HW transcode) but the solution in the LXC also mounted multiple items in docker in the LXC. I was able to make it work by changing it to a privileged container (validating that it was a permissions issue not a technological one), but I would like to know how to pass an existing device or share to an unprivileged LXC and give it the rights it needs. Thanks!
Hi! To achieve that you might be looking into changing the mappings between host and LXC id's , I mean something like here in this article:
itsembedded.com/sysadmin/proxmox_bind_unprivileged_lxc/
That will allow you manage more than one user.
Thank you for watching and commenting!
Marek
this is greats tutorial
thanks sir
You are most welcome :)
Marek
정말 유익한 내용입니다. 감사합니다.
저도 감사드립니다
Thank you for guide. Have you been able to setup nested share in OMV? Parentfolder, childfolder.. Nas/doc, Nas/media. And doing that setting permission/acl to where certain users or app can read or write to the child folder only. And not whole share mount.
No I haven't tried that yet, if I do - I will let you know.
Thank you for watching :)
Marek
Much appreciate this!!
Thank you
I am glad it was helpful!
Thank you for your comment. Marek
This is exactly what I was missing. Thank you so much.
You're very welcome! Thank you for watching.
Marek
Fstab mount your nfs or cifs to the host, then bind mount the mount point to the lxc
You can"t use fstab unless you use start delay for OMV.
The problem with mounting after reboot was discussed and I created srparate video about it:
th-cam.com/video/Hu1fY0-FvVE/w-d-xo.html
Thank you for watching :)
Marek
Hello,
is it the same way without user and pw for nfs?
Sure, if you set your NFS to allow guest / anonymous users then there is no need to specify one.
Thank you for watching :)
Marek
Very good videos and explanation but i have one problem and i dont know how to solve it. The scirpt wont mount the share and it gives mount error(115) but if i do it manually in the terminal it works without problem. Can there be any permission problem for the cron that cant execute the mount operation?
Don't think that would come from permission problem tbh. Not sure what your script looks like, but I would first try to unmount it and write a script with sleep commands in between, something like in this video:
th-cam.com/video/Hu1fY0-FvVE/w-d-xo.html
I noticed networking stack to be a bit laggy sometimes, but this is just my guess.
Please have a go and let me know if that helped.
Thank you for watching.
Marek
@@Automation-Avenue i commented on a wrong video :) everything is exactly as in that video and i cant find solution to it , but will try to dig deeper ... thank you
great video, thx
you don't have enough subscriber )=
great explaination like every time
I appreciate your kind words :)
Thank you for watching and commenting.
Marek
Hello
Automation Avenue, I hope you are well. I visited your TH-cam Channel. Your content is Excellent. But your Channel is not growing, Because your Content title and Description are not SEO-friendly and do not have Enough Rank tags. This is why there is no Content Coming to the top of TH-cam. As a result, your video SEO Score is very low, according to VidiQ, (your channel's video's SEO score is 0 / out of 100, which should be 90+). If you want, I can make it 90+, which will help your channel grow faster. If you SEO your videos Properly then the Channel Progress will be very Fast & Subscribers and Views will Increase. If you want I can solve problems and help you rank your videos Better. If you are Interested Please Let me know.
Regards,
Nazmun (TH-cam Video SEO Expert).
The channel is growing fine mate :), Thank you for watching !
@@Automation-Avenue Thank