[lxc-devel] id + sssd does not work properly in unprivileged container

Tamas Papp tompos at martos.bme.hu
Thu Jan 7 13:15:55 UTC 2016


hi,

First of all I want to declare, that I'm not sure it really because of 
an unprivileged container...but I have not found other difference yet.

Ordinary users are coming from ldap servers. On clients sss is 
configured properly, everything works properly so far.
Recently I deployed a container, however not with pure privileged LXC 
(running as root), but LXD (unprivileged).

Now one thing does not work and it makes things messed up.

this works: id USER
this not: id (running as USER)

The second one does not reflects user ldap groups.

Obviously the same happens for example if I want to use sudo or 
something else, that depends on the user's ldap group.


I have strace outputs, I see difference, but no reason.
Any idea? To me it looks like a kind of weird bug.

Thanks,
tamas


More information about the lxc-devel mailing list