Unprivileged

Warning

Work In Progress

Mandatory

Configuration

  • config

lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536

Permissions

Todo

shift root's uid for rootfs

Not sure

Packages

uidmap

Configuration

  • /etc/sysctl.conf

kernel.unprivileged_userns_clone=1
  • /etc/subgid

  • /etc/subuid

root:100000:65536
  • config

lxc.include = /usr/share/lxc/config/userns.conf
lxc.apparmor.profile = unconfined