[Lxc-users] Launching init in a container as non-root
Ryan Campbell
ryan.campbell at gmail.com
Tue Oct 18 14:01:18 UTC 2011
fedora 13
lxc 0.7.2-1.fc13
I've used lxc-setcap to allow non-root to run lxc-start. This seems to
work OK, until LXC attempts to launch init. Init fails with "init:
Need to be root".
I would expect init to be launched using the 0 UID of the container.
However, from what I've read, UID namespaces are not complete yet.
Is this correct? Should one expect that once UID namespaces are
implemented within lxc, that one should be able to launch processes as
"root" within the container, but have them run as non-root from the
perspective of the host?
Is there anywhere I can read more about this?
Thanks,
Ryan
More information about the lxc-users
mailing list