Podman rootless urbackup-server

dda0e2 · December 25, 2025, 7:07pm

The subvolume was mounted with the user_subvol_rm_allowed option, and now it is possible to create and remove snapshots as a non-root user.

I ran

podman run -d \
   --name urbackup \
  -e PUID=0 \
  -e PGID=0 \
  -v $URBACKUP_BACKUPS:/backups \
  -v $URBACKUP_DB:/var/urbackup \
  --network host \
  --cap-add SYS_ADMIN \
  uroni/urbackup-server:latest-btrfs

So, it maps the in-container root to my host’s plain user ID.

The podman exec -it urbackup urbackup_snapshot_helper test command passed successfully, with the following output:

Testing for btrfs...
Create subvolume '/backups/testA54hj5luZtlorr494/A'
Create snapshot of '/backups/testA54hj5luZtlorr494/A' in '/backups/testA54hj5luZtlorr494/B'
Delete subvolume 313 (commit): '/backups/testA54hj5luZtlorr494/A'
Delete subvolume 314 (commit): '/backups/testA54hj5luZtlorr494/B'
BTRFS TEST OK

Backups are made with no problem using the btrfs snapshot feature, too. However, when I try to delete any backup via the web panel, I get the following error: Error deleting backup: See server log file for details. The logs contain the following:

ERROR: Could not destroy subvolume/snapshot: Read-only file system
Delete subvolume 315 (commit): '/backups/DESKTOP-F6PKA7S/251225-2127'
ERROR: Error deleting directory "/backups/DESKTOP-F6PKA7S/251225-2127"
ERROR: Directory still exists. Deleting backup failed. Path: "/backups/DESKTOP-F6PKA7S/251225-2127"

As a non-root host user, I can manually change the read-only state of the subvolume btrfs property set ../DESKTOP-F6PKA7S/251225-2127 ro false, and then delete it btrfs subvolume delete ../DESKTOP-F6PKA7S/251225-2127, without any problems. I also tried options like --privileged, --uidmap, --userns in different combinations with no result.
Has anyone managed to do this? Is there any way to make it work properly without using extra scripts or editing the source?
Thanks in advance for any help.

David_Music · January 12, 2026, 7:26pm

I have seen this error message a number of times.
In my case, it turned out that I had set the /backups mapping to the wrong location. Urbackup created the necessary directory hierarchy and all looked well but, the permissions were wrong. So, it creates a normal folder with client name, creates a subvolume with yyyymmdd-hhmm and then sets that subvol to ro so that future snapshots etc will play nicely. BUT, because it created the whole lot in the wrong place - it couldn’t reset any subvols or snapshots to rw including the one it just created.

I used the chmod g+rws command to ensure all the client folders would inherit and made them owned by myusername:users. Plus, pointing to the correct location.
Lastly - i insured the file name “backupfolder” in the “db” directory had the correct name in it. (Usually “/backups”).

If you do/did solve this with something else - it would be nice to know.

dda0e2 · January 22, 2026, 10:37am

Thank you for your response.

Apparently, even a plain user who owns the read-only snapshot cannot remove it, even with the user_subvol_rm_allowed mount option.
This is not described in any official documentation that I found.
Currently, it is not possible to achieve the goal without taking extra actions, such as amending the remove_subvolume function or using an external script to change the read-only state.