[lxc-users] Inittab, consoles and unprivileged containers.

Andrey Repin anrdaemon at yandex.ru
Fri Mar 6 20:12:12 UTC 2020 

Greetings, Ben Green!

> I'm wondering if I could have my inittab set up better for my
> environment. I'm running LXC conataners, full root file systems, Debian.
> Running sysv and not systemd. I've found this the only way to properly
> get root on these machines:


>  lxcadmin at darkwing:~$ lxc-attach -n karoo
>  root at karoo:/# su -
>  mesg: ttyname failed: No such device
>  root at karoo:~#

~/.bash_aliases

      inscreen(){
        if screen -S "main" -X select . 2> /dev/null 1>&2 ; then
          printf 'screen -S "main" -X screen '
          printf "'%s' " "$@" "--"
        fi
      }; readonly -f inscreen
      xat(){
        if [ "$2" = "-u" ]; then
          _host="$1"
          shift 2
          if [ "$1" ]; then
            set -- "$_host" "$@"
          else
            set -- "$_host" "$USER"
          fi
        fi
        eval $(inscreen -t "LXC:$*") 'sudo lxc-attach -n "${1:-dc1}" -- su -l "${@:2}"'

Then "xat container [ -u [user] ]" will run user's login session. Defaults to root, as you
could imagine, or to your current $USER, if you specify -u without a name.

> The initial login lacks the full environment without the 'su -'m that is
> bash is running, but the standard login scripts have not been run and
> ENV is not fully populated.

That's normal and even preferred for automated scripts, but I can see it being
a problem for human. So, the aliases (functions) I made.

> The warning 'mesg: ttyname failed: No such device' show that the shell
> I'm in has no access to a tty, it's a 'mesg n' command being run from
> '/root/.profile'. I guess that's fine.

More or less, yes.

> I'm interested in:

> * Is there a way I can create an accessible console for these machines?

What for? Personally, I disable creation of any consoles in a container. Even
the "/dev/console" getty gets a shot in the head for being totally useless.

> * Is there a better way of using lxc-attach to get a full normal enviroment?

See above.

> * What should inittab read and would it facilitate this? (It's currently
> the Debian default).

No idea, what do you plan to achieve.
(Also I have no idea, why you aren't running systemd.)

> As well as direct answers I'd love some resources to read around this if
> people have any recommendations.



-- 
With best regards,
Andrey Repin
Friday, March 6, 2020 22:56:26

Sorry for my terrible english...

More information about the lxc-users mailing list