1. expand the range of uid and gid available by editing /etc/subuid and /etc/subgid
$ sudo cat /etc/subuid
lxd:1000:100000000
root:1000:100000000
$ sudo cat /etc/subgid
lxd:1000:100000000
root:1000:100000000
2. restart lxd to apply those changes
$ sudo /etc/init.d/lxd restart
[ ok ] Restarting lxd (via systemctl): lxd.service.
3. launch your container
$ lxc launch ubuntu: $your_container
where you replace the $your_container value with whatever you would like to call your lxd container
4. enable an isolated idmap for your container
$ lxc config set $your_container security.idmap.isolated true
5. map the local user ids and group ids to the in-container uid and gid
$ lxc config set bootybox raw.idmap "both 1000-2000 3000-4000"
where the parameters in this example mean that both uids and gids in the range 1000-2000 on the local host are mapped to the range 3000-4000 inside the lxd container (bootybox is the container name used in this example).
ex: uid 1001 on the local host = uid 3001 inside of the container
6. add your media
$ lxc config device add $your_container media disk source=/zpool1/media/ path=/media
media = the name you would like to give this attachment
source = the source on the local host of the directory you would like to share
path = the path inside the container you would like to mount the source (make sure this exists)
7. restart your container for the new mappings to kick in
$ lxc restart bootybox
8. exec into your container and check that all is well
$ lxc exec bootybox bash
# ls -l /media/
total 76
drwxrwx--- 2 3000 3001 2 Jun 2 21:22 games
...
9. profit.
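
The following is an added example, not part of the original steps: a small pre-flight check that a raw.idmap entry such as the one in step 5 falls inside a range delegated in /etc/subuid or /etc/subgid (step 1), and that shows which container id a host id will appear as. The function names and the embedded sample input are assumptions made for illustration; checking the root entry is also an assumption, based on the page adding one for root.

```python
"""Pre-flight check for an LXD raw.idmap entry (added example, hypothetical helpers)."""

def parse_range(text):
    """'1000-2000' -> (1000, 2000); a single id '1000' -> (1000, 1000)."""
    first, _, last = text.partition("-")
    lo, hi = int(first), int(last or first)
    if lo > hi:
        raise ValueError(f"descending range: {text}")
    return lo, hi

def parse_idmap(entry):
    """Parse one raw.idmap line: '<uid|gid|both> <host range> <container range>'."""
    kind, host, cont = entry.split()
    if kind not in ("uid", "gid", "both"):
        raise ValueError(f"unknown map type: {kind}")
    host_r, cont_r = parse_range(host), parse_range(cont)
    if host_r[1] - host_r[0] != cont_r[1] - cont_r[0]:
        raise ValueError("host and container ranges differ in size")
    return kind, host_r, cont_r

def host_to_container(entry, host_id):
    """Container-side id for host_id, or None if the entry does not map it."""
    _, (h_lo, h_hi), (c_lo, _) = parse_idmap(entry)
    if h_lo <= host_id <= h_hi:
        return c_lo + (host_id - h_lo)
    return None

def delegated(subid_text, user, entry):
    """True if one '<user>:<start>:<count>' line covers the entry's host range."""
    _, (h_lo, h_hi), _ = parse_idmap(entry)
    for line in subid_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) != 3 or fields[0] != user:
            continue
        start, count = int(fields[1]), int(fields[2])
        if start <= h_lo and h_hi < start + count:
            return True
    return False

# Constructed sample input, matching the values used in the steps above.
SUBUID = "lxd:1000:100000000\nroot:1000:100000000\n"
ENTRY = "both 1000-2000 3000-4000"

if __name__ == "__main__":
    print("root may map the host range:", delegated(SUBUID, "root", ENTRY))
    print("host 1001 ->", host_to_container(ENTRY, 1001))
    print("host 999  ->", host_to_container(ENTRY, 999))
```

Any host id that maps to a container id gives processes running under that container id the same access to the shared /media source as the host account has, so keep the mapped range as narrow as the share requires.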