[lxc-users] Docker in unprivileged LXC?

Dirk Geschke dirk at lug-erding.de
Wed Nov 20 11:41:16 UTC 2019


Hi Oliver,

> afaik:
> 
> security.nesting: "true"
> 
> makes the container automatically privileged...

half-and-half, I guess. But I asked for LXC not LXD...

However, if I start the container half unprivileged (starting
as root but using uid/gid mapping) it seems to work. So probably
that is the way to go here...

Not ideally, but more secure then pure docker on the hardware...

Best regards

Dirk

-- 
+----------------------------------------------------------------------+
| Dr. Dirk Geschke       / Plankensteinweg 61    / 85435 Erding        |
| Telefon: 08122-559448  / Mobil: 0176-96906350 / Fax: 08122-9818106   |
| dirk at geschke-online.de / dirk at lug-erding.de  / kontakt at lug-erding.de |
+----------------------------------------------------------------------+


More information about the lxc-users mailing list