Hi Oliver, > afaik: > > security.nesting: "true" > > makes the container automatically privileged...
half-and-half, I guess. But I asked for LXC not LXD... However, if I start the container half unprivileged (starting as root but using uid/gid mapping) it seems to work. So probably that is the way to go here... Not ideally, but more secure then pure docker on the hardware... Best regards Dirk -- +----------------------------------------------------------------------+ | Dr. Dirk Geschke / Plankensteinweg 61 / 85435 Erding | | Telefon: 08122-559448 / Mobil: 0176-96906350 / Fax: 08122-9818106 | | d...@geschke-online.de / d...@lug-erding.de / kont...@lug-erding.de | +----------------------------------------------------------------------+ _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
