[lxc-users] Unprivileged container and multiple/external users

Andre Nathan andre at digirati.com.br
Wed Jun 25 11:05:55 UTC 2014


Serge,

On 06/04/2014 05:54 PM, Serge Hallyn wrote:
> Quoting Andre Nathan (andre at digirati.com.br):
>> Is there any way around that? Maybe some mount option to map the mount
>> point's UID and GID to something different inside the container?
>
> Not yet.  We were discussing just that yesterday (on lkml I believe),
> but it doesn't yet exist.

Was the discussion "friendly" towards supporting UID shifts for bind mounts?

> For now you must have a separate filesystem
> for each unprivileged container (or at least one per uid map).

Does a btrfs subvolume count as a filesystem here?

With multiple root-owned unprivileged containers, do I still need one 
filesystem for each container or would one be enough given they're all 
owned by the same user?

Thanks,
Andre

