in the latest versions of lxc, a man page has been added, I'll copy and paste from that for your reference
- - - LXC-ATTACH(1) LXC-ATTACH(1) NAME lxc-attach - start a process inside a running container. SYNOPSIS lxc-attach -n name [-a arch] [-e] [-- command] DESCRIPTION lxc-attach runs the specified command inside the container specified by name. The container has to be running already. If no command is specified, the current default shell of the user running lxc-attach will be looked up inside the container and executed. This will fail if no such user exists inside the container or the container does not have a working nsswitch mechanism. OPTIONS -a, --arch arch Specify the architecture which the kernel should appear to be running as to the command executed. This option will accept the same settings as the lxc.arch option in container configuration files, see lxc.conf(5). By default, the current archictecture of the running container will be used. -e, --elevated-privileges Do not drop privileges when running command inside the container. If this option is specified, the new process will not be added to the container's cgroup(s) and it will not drop its capabilities before executing. Warning: This may leak privileges into the container if the command starts subprocesses that remain active after the main process that was attached is terminated. The (re-)starting of daemons inside the container is problematic, especially if the daemon starts a lot of subprocesses such as cron or sshd. Use with great care. COMMON OPTIONS These options are common to most of lxc commands. -?, -h, --help Print a longer usage message than normal. --usage Give the usage message -q, --quiet mute on -o, --logfile=FILE Output to an alternate log FILE. The default is no log. -l, --logpriority=LEVEL Set log priority to LEVEL. The default log priority is ERROR. Possible values are : FATAL, CRIT, WARN, ERROR, NOTICE, INFO, DEBUG. Note that this option is setting the priority of the events log in the alternate log file. It do not have effect on the ERROR events log on stderr. -n, --name=NAME Use container identifier NAME. The container identifier format is an alphanumeric string. EXAMPLES To spawn a new shell running inside an existing container, use lxc-attach -n container To restart the cron service of a running Debian container, use lxc-attach -n container -- /etc/init.d/cron restart To deactivate the network link eth1 of a running container that does not have the NET_ADMIN capability, use the -e option to use increased capabilities: lxc-attach -n container -e -- /sbin/ip link delete eth1 SECURITY The -e should be used with care, as it may break the isolation of the containers if used improperly. SEE ALSO lxc(1), lxc-create(1), lxc-destroy(1), lxc-start(1), lxc-stop(1), lxc-execute(1), lxc-kill(1), lxc-console(1), lxc-monitor(1), lxc-wait(1), lxc-cgroup(1), lxc-ls(1), lxc-ps(1), lxc- info(1), lxc-freeze(1), lxc-unfreeze(1), lxc-attach(1), lxc.conf(5) AUTHOR Daniel Lezcano <daniel.lezc...@free.fr> ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users