Hi all,
I am dipping my toes into LXC and I'm liking what I see so far.
I have one question about privileges/security inside containers: I have
started a container and then accessed it with:
lxc exec c1 /bin/bash
If I run netstat -anp it will refuse to show me process information for
processes that I do not own (even though I appear to be root).
For instance an haproxy instance listening on port 3000 appears as the
following (haproxy is running as user haproxy):
root@c1:~# netstat -anp | grep 3000
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 127.0.0.1:3000 0.0.0.0:* LISTEN -
I am running the latest lxc/lxd on Ubuntu 16.04.
From what I have read I understand there is some uid mapping going on but I
was hoping someone could explain it to me or point me in the right
direction.
TIA,
Umberto
_______________________________________________
lxc-users mailing list
http://lists.linuxcontainers.org/listinfo/lxc-users