[lxc-users] lxc-create using lxc.idmap?

Serge E. Hallyn serge at hallyn.com
Tue Jul 17 21:51:53 UTC 2018


Quoting Christian Brauner (christian at brauner.io):
> On Mon, Jul 16, 2018 at 08:24:09AM +0200, Harald Dunkel wrote:
> > Hi folks,
> > 
> > is there a way to tell lxc-create to support a custom(!) UID and
> > GID map via lxc.idmap? Each container should get its own mapping.
> > 
> > Problem behind this is that some containers may affect each other
> > by exceeding the maximum number of threads. (Is this as expected?
> > This is lxc 2.0.9.)
> > 
> > Subuids/subgids are not an option. I would like to use something
> > like
> > 
> > % su -
> > # lxc-create -t debian \
> > 	-o "lxc.idmap = u 0 100000 65536" \
> > 	-o "lxc.idmap = g 0 100000 65536" ...
> > 
> > to set the mapping right from the start, without touching /etc/lxc/\
> > default.conf.
> > 
> > Do you think this could be possible?
> 
> Well, lxc-create could do what lxc-start is doing and grow an -s option.

Yeah that seems like a good idea


More information about the lxc-users mailing list