since lxd 2.6 you can use security.idmap.isolated https://github.com/lxc/lxd/blob/master/doc/userns-idmap.md#different-idmaps-per-container
On Thu, Jan 26, 2017, 1:04 AM Fajar A. Nugraha <l...@fajar.net> wrote: > On Thu, Jan 26, 2017 at 12:20 PM, Aron Podrigal <ar...@guaranteedplus.com> > wrote: > > you can use lxc.raw for this in lxd ;) > > > Have you tested it? > > On xenial + lxd 2.0.8-0ubuntu1~ubuntu, it doesn't work. > > At least, not with lots of manual changis (including UID shifting the > rootfs manually), which (among others) result in > 'volatile.last_state.idmap' doesn't match what the actual rootfs uses. > > -- > Fajar > > > > On Wed, Jan 25, 2017, 11:50 PM Fajar A. Nugraha <l...@fajar.net> wrote: > > On Wed, Jan 25, 2017 at 10:12 PM, Witold Filipczyk <gglate...@gmail.com> > wrote: > > On Wed, Jan 25, 2017 at 08:36:23AM -0500, brian mullan wrote: > > Witold > > > > There is a tool called "fuidshift" you can use to shift the gid/uid for > you. > > > > http://manpages.ubuntu.com/manpages/xenial/man1/fuidshift.1.html > > > > This previous lxc-users mailer thread can also give you some idea of its > > use: > > > > > http://lxc-users.linuxcontainers.narkive.com/atlj58eG/proper-usage-of-fuidshift > > > > fuidshift will be installed along with some other "tools" if you install > > the lxd-tools package: > > > > *sudo apt-get install lxd-tools* > > Thanks for the reply, but must be some simpler method. > > In lxc configuration it was: > lxc.id_map = u 0 200000 65536 > lxc.id_map = g 0 200000 65536 > > How to express it in lxd and pylxd? > > > Short version: AFAIK that's not possible in lxd. You'd either use > privileged container, or unpriv container (with the same mapping for all > containers). > > -- > Fajar > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
