[lxc-users] Jenny I Got Your (UID/GID) Number!

RayFerguson subscriber at share-foo.com
Fri Aug 12 20:46:07 UTC 2016 

This is shorthand showing an lxd route to the X gui and uid/gid mapping
described in this lxc howto.

https://www.stgraber.org/2014/02/09/lxc-1-0-gui-in-containers/

Google Tommy TuTone If you are too young for pop culture references that
predate the Commodore 64.

rferguson at mate  0 $ cat /etc/subuid
rferguson:100000:65536
lxd:165536:65536
root:165536:65536
*root:1000:1*

rferguson at mate snow_itsm_via_eis 0 $ cat /etc/subgid
rferguson:100000:65536
lxd:165536:65536
root:165536:65536
*root:1000:1000*

rferguson at mate  0 $ lxc profile show jenny
name: jenny
config:
  raw.lxc: |
    lxc.id_map = u 8675309 1000 1
    lxc.id_map = g 8675309 1000 1
description: ""
devices:
  homejenny:
    path: /home/jenny
    recursive: "1"
    source: /home/rferguson/jenny
    type: disk

rferguson at mate snow_itsm_via_eis 1 $ lxc config show ao34
name: ao34
profiles:
- local
- em7
- em81
*- jenny*
config:
  user.ip: 10.0.2.34
  user.model: ao
  volatile.base_image:
785c911b9da0962c03ccfb4f21703f847cfb05f8b0be9f19226869c520e6df0d
  volatile.eth0.hwaddr: 00:16:3e:ba:c2:33
  volatile.last_state.idmap:
'[{"Isuid":true,"Isgid":false,"Hostid":165536,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":165536,"Nsid":0,"Maprange":65536}]'
devices: {}
ephemeral: false

rferguson at mate  0 $ tail -5 ~/.bashrc
# local X connections lets the gui work.
xhost | grep -q LOCAL:  ||   xhost +local:
# Binds the things you want jenny to see in her homedir.
grep -q /home/rferguson/jenny/projects /proc/mounts || sudo mount -o
bind,rshared /home/rferguson/google_drive/silo/projects/
/home/rferguson/jenny/projects
grep -q /home/rferguson/jenny/code /proc/mounts || sudo mount -o
bind,rshared /home/rferguson/code /home/rferguson/jenny/code

rferguson at mate  0 $ mkdir -p /home/rferguson/jenny/code
/home/rferguson/jenny/projects

rferguson at mate  0 $ . ~/.bashrc

rferguson at mate snow_itsm_via_eis 0 $ lxc exec ao34 su -
Last login: Fri Aug 12 19:55:08 UTC 2016
[root at ao34 ~]# groupadd -g 8675309 jenny
[root at ao34 ~]#  useradd -u 8675309 -g jenny -s /bin/bash -m jenny1
[root at ao34 ~]# su - jenny
[root at ao34 ~]# df /home/jenny/
Filesystem     1K-blocks     Used Available Use% Mounted on
zpool0/home    539043328 11912320 527131008   3% /home/jenny
[root at ao34 ~]# su - jenny
Last login: Fri Aug 12 20:11:05 UTC 2016
[jenny at ao34 ~]$


#Your ssh/pam stack might not be happy about the uid being abnormally high.
That can be worked around with the following.
[jenny at ao34 ~]$ grep pam_loginuid /etc/pam.d/sshd
session    *optional*     pam_loginuid.so

[jenny at ao34 ~]$ echo 'echo  "Nobody puts Baby in the container. Come on.
Sorry about the disruption"' >> ~/.bash_profile
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160812/5dc17b14/attachment.html>

More information about the lxc-users mailing list