In order for the LXC container to have full access the proxmox host directory, a subgid is set as owner of a host directory, and an ACL is used to ensure permissions.
Add the following line to /etc/pve/lxc/<CT_ID>.conf
mp0:/mount/point/on/host,mp=/mount/point/on/lxc
In the default Proxmox configuration, unpriviliged container subgids will have the prefix "10" followed by the expected 4-digit gid.
addgroup --gid <GID (ie."101000")> <GroupName (ie."container-data")>
Any members of -GID- will have "rwx", new files from -GID- have "rwx" default Note: documentation suggests the "-d" flag should be used to assign default, however I have been able to get the desired result without, so... take that as you will
chgrp -R <GroupName> <Dataset>
chmod -R 2775 <Dataset>
setfacl -Rm g:<GID>:rwx,d:g:<GID>:rwx <Dataset>
GID needs to match the last 4 digits of the subgid assigned earlier
addgroup --gid <GID (ie."1000")> <GroupName (ie."container-data")>
usermod -aG <GroupName> <User>
You should now be able to make modifications to the assigned directory on the host system from within the unpriviliged container.
https://blog.felixbrucker.com/2015/10/01/how-to-mount-host-directories-inside-a-proxmox-lxc-container/ https://www.reddit.com/r/homelab/comments/4h0erv/resolving_permissions_issues_with_host_bind/
Thanks, very useful