[lxc-users] [lxc-devel] id + sssd does not work properly in unprivileged container

Tamas Papp tompos at martos.bme.hu
Fri May 6 08:48:44 UTC 2016



On 01/07/2016 02:15 PM, Tamas Papp wrote:
> hi,
>
> First of all I want to declare, that I'm not sure it really because of 
> an unprivileged container...but I have not found other difference yet.
>
> Ordinary users are coming from ldap servers. On clients sss is 
> configured properly, everything works properly so far.
> Recently I deployed a container, however not with pure privileged LXC 
> (running as root), but LXD (unprivileged).
>
> Now one thing does not work and it makes things messed up.
>
> this works: id USER
> this not: id (running as USER)
>
> The second one does not reflects user ldap groups.
>
> Obviously the same happens for example if I want to use sudo or 
> something else, that depends on the user's ldap group.
>
>
> I have strace outputs, I see difference, but no reason.
> Any idea? To me it looks like a kind of weird bug.

hi,


First time I sent it to the devel list, but maybe it would be better 
here: did anybody else face this behaviour?


If I set 'security.privileged: true', it is working fine.


10x
tamas


More information about the lxc-users mailing list