[lxc-users] Executing a command inside a running container? (ng)

[frodox]

yup, lxc-attach starts a process inside a running container. But it can starts only processes/programs that already exists (installed) inside a container.

May be I misunderstand Dominik Schulz, but what I mean -- how to execute/move a process from host OS inside a running container 
(i.e. without installing it inside; like run it in sandbox or move already running process).
It is very close to recent thread "Howto/Tutorial wanted: Running an application inside a container" 
(btw, I succeeded your tutorial in that thread, except gui apps.)


And, well, related question.
I read a lot, that it's not good to run lxc-execute, and also you said
 > ... Again, personally I prefer to simply use full OS in the container(even with the consequence oh having to update it separately from thehost) combined with lxc-start and lxc-attach.

is there any security issues, except 
 > For the network interface part you can work around it by specifying it in the container config file, but you might need other things configured as well (e.g. iptables, dependent services like mysql,etc), 
> which is why I would recommend lxc-start and lxc-attach over lxc-execute.

while use lxc-execute? 
may be, we can improve lxc-execute in that way..? 

--
Regards, Christian.


 > ---- On Mon, 09 Jun 2014 17:19:15 +0400 Fajar A. Nugraha<list at fajar.net> wrote ---- 
 > 
 > On Mon, Jun 9, 2014 at 5:53 PM, frodox <frodox at zoho.com> wrote:
 > > Hi all.
 > >
 > > A few years ago there was a thread about executing a command inside a
 > > running container [1].
 > 
 > > But how about nowadays?
 > > Is it possible now, since we have a new system call setns(2), which looks
 > > like does exactly necessary thing?
 > 
 > http://manpages.ubuntu.com/manpages/trusty/man1/lxc-attach.1.html
 > 
 > -- 
 > Fajar