Unprivileged lxc-containers

		LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Arch
Unprivileged lxc-containers

Arch This Forum is for the discussion of Arch Linux.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.

Exclusive for LQ members, get up to 45% off per month. Click here for more info.

Search this Thread

07-18-2019, 07:15 AM	#1
platypo Member Registered: Sep 2015 Distribution: Debian, Archlinux Posts: 140 Rep:	Unprivileged lxc-containers I don't understand some aspects of lxc containers like the correct usage of user namespaces when creating unprivileged lxc-containers. I am trying to create an unprivileged alpine-linux container using lxc 1:3.1.0-2 on a Raspberry Pi 3B running 4.19.58-1-ARCH ARM. I followed these steps. I enabled user namespaces and set up a network bridge successfully. When it comes to user subuid mapping i fail to comprehend. As far as i understand /etc/subuid enables the user <user>, who runs the unprivileged container, to map to uid 100000-165536 (wich would be uid 0-65536 on the container) on the host machine in this example: Code: <user>:100000:65536 Same goes for /etc/subgid. Is it recommended to create an extra user on the host machine to run the container in the first place or can i run the container with my "standard" user with the uid 1000? Do i create the follow-up-users that the users in the container point to or is that managed by lxc? I assume there are further steps to be done to create an enviroment for the unprivileged container like copying templates or config files to the users home directory or am i completely on the wrong track here? Last edited by platypo; 07-18-2019 at 07:40 AM.

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
LXer: Everything You Need to Know about Linux Containers, Part II: Working with Linux Containers (LXC)	LXer	Syndicated Linux News	0	08-27-2018 01:53 PM
Network help with unprivileged lxc containers on -current	Rinndalir	Slackware	6	09-10-2015 11:59 AM
Unable to start unprivileged Lxc container on Debian Sid	hurd	Debian	0	02-02-2015 10:45 PM
LXC unprivileged container - operation no permitted	gauthig	Linux - Virtualization and Cloud	2	07-15-2014 03:34 PM

All times are GMT -5. The time now is 06:49 AM.

Main Menu

(Con't)

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

Twitter: @linuxquestions