Re: lxc and subuid

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lxc and subuid

From:	Maxime Devos
Subject:	Re: lxc and subuid
Date:	Wed, 30 Mar 2022 13:30:22 +0200
User-agent:	Evolution 3.38.3-1

Antonio Carlos Padoan Junior schreef op wo 30-03-2022 om 08:51 [+0200]:
> Hello,
> 
> I'm trying to figure out how to set a unprivileged container using lxc
> in guix. I do not know either how to allocate subuid/gid space in guix,

subuid/gid are _not_ unprivileged.  They are an userspace feature by
the (privileged) setuid binary 'newuidmap', see
<https://manpages.debian.org/buster/uidmap/newuidmap.1.en.html>.

I don't think there's currently a mechanism for that in Guix System,
except manually creating and modifying /etc/subuid appropriately and
installing the setuid binaries.  However, I suppose that the 'user-
account' record could be extended to support subuid/subgid and
automatically create /etc/subuid.

Greetings,
Maxime

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

lxc and subuid, Antonio Carlos Padoan Junior, 2022/03/30
- Re: lxc and subuid, Maxime Devos <=
  - Re: lxc and subuid, Antonio Carlos Padoan Junior, 2022/03/30
    - Re: lxc and subuid, Maxime Devos, 2022/03/30

Prev by Date: Re: The Shepherd on Fibers
Next by Date: Autotools-generated 'configure' & 'Makefile.in' considered binaries?
Previous by thread: lxc and subuid
Next by thread: Re: lxc and subuid
Index(es):
- Date
- Thread