Cool, thanks, that is very nicely done :)
I'll leave it to you and Stéphane to decide whether this ought to be
integrated with the config scripts shipped in lxc or not. The
way you have it set up doesn't appear to lose any of the protections
for the host from the unprivileged users, so I'd be
Quoting Xavier Gendre (gendre.rei...@gmail.com):
Thanks for your answer. Indeed, it only needs to be done at login
and this is my problem. Your solutions work well but all need to
log in at least one time for each user with unprivileged containers.
I admit that my question was not clear :-°
Quoting Xavier Gendre (gendre.rei...@gmail.com):
Hi,
following the hints given by Serge Hallyn on the lxc-devel list, I
managed to run an unprivileged container on my Debian Jessie \o/
Now, I want to avoid handling and get it to work on startup. Thus, I
set permanently
Hi,
following the hints given by Serge Hallyn on the lxc-devel list, I
managed to run an unprivileged container on my Debian Jessie \o/
Now, I want to avoid handling and get it to work on startup. Thus, I set
permanently kernel.unprivileged_userns_clone to 1 and I create a systemd
service to