mmm *--clear-env *indeed looks like what I was looking for, using it leads to a "clean" PATH
Now shouldn't that be the default ? This looks so weird to me to have a PATH with stuff from the host by default, but again all this is new to me so that's just a comment like that :) thanks for the tip ! On Fri, Mar 3, 2017 at 5:39 PM, Stéphane Graber <stgra...@ubuntu.com> wrote: > On Fri, Mar 03, 2017 at 05:27:25PM +0100, Benoit Barthelet wrote: > > Hello, > > > > It's my first few hours playing with containers so maybe there's > something > > I'm doing wrong or something I overlook, or both. > > > > I'm on debian stretch if that's relevant, using : > > > > ➜ ~ lxc-info --version > > 2.0.7 > > > > I set up an unprivileged container this way: > > > > ➜ ~ lxc-create -t download -n u1 -- -d ubuntu -r xenial -a amd64 > > Using image from local cache > > Unpacking the rootfs > > > > --- > > You just created an Ubuntu container (release=xenial, arch=amd64, > > variant=default) > > > > To enable sshd, run: apt-get install openssh-server > > > > For security reason, container images ship without user accounts > > and without a root password. > > > > Use lxc-attach or chroot directly into the rootfs to set a root password > > or create user accounts. > > > > I then start it and attach: > > > > ➜ ~ lxc-start -n u1 > > ➜ ~ lxc-attach -n u1 > > root@u1:/# echo $PATH > > /home/HOST_USER/bin:/usr/local/bin:/home/HOST_USER/ > Applications/.bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games > > lxc-attach uses its own environment inside the container. There are a > number of lxc-attach options to alter this behavior. > > > > > Now as you can see /sbin is not in the PATH, which means any apt-get > > install BLABLABLA ends up with the following error: > > > > dpkg: warning: 'ldconfig' not found in PATH or not executable > > dpkg: warning: 'start-stop-daemon' not found in PATH or not executable > > dpkg: error: 2 expected programs not found in PATH or not executable > > Note: root's PATH should usually contain /usr/local/sbin, /usr/sbin and > > /sbin > > E: Sub-process /usr/bin/dpkg returned an error code (2) > > > > If I do the exact same commands with sudo, thus creating a NOT > unprivileged > > container, if I got it correctly, well the PATH is "correctly" set up, at > > least /sbin is in it and I can apt-get install anything. > > > > When I say correctly I should say: the way I would expect it when I'm > root. > > That makes me think there's a subtlety about unprivileged container I > don't > > get. > > > > Asking in IRC, I got this answer, which works, I should use: > > > > ➜ ~ lxc-execute -n u1 -- /bin/bash --login > > > > > > Now reading both man pages for attach and execute, at first glance they > > seem to be doing the same except one spawn the instance while the other > > doesn't and uses the one that is running. > > > > Again it's been only a few hours I'm playing with it. > > > > I don't get why in the case of the container created with sudo the PATH > is > > "correct", and not in the case of the unprivileged container. > > > > Is it intended ? It's kind of weird to be root in a machine and unable to > > install a package because of the PATH, hence those questions. > > > > Looking at the templates, it seems they export that PATH > > > > ➜ ~ grep PATH /usr/share/lxc/templates/lxc-ubuntu > > # Make sure the usual locations are in PATH > > export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin > > > > So the -t download switch doesn't use that ? > > > > > > Thanks in advance > > > > > > -- > > benoit barthelet > > http://pgp.mit.edu/pks/lookup?op=get&search=0xF150E01A72F6D2EE > > > _______________________________________________ > > lxc-users mailing list > > lxc-users@lists.linuxcontainers.org > > http://lists.linuxcontainers.org/listinfo/lxc-users > > > -- > Stéphane Graber > Ubuntu developer > http://www.ubuntu.com > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users > -- benoit barthelet http://pgp.mit.edu/pks/lookup?op=get&search=0xF150E01A72F6D2EE
_______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
