I didn't expect it.
While I understand that there is no such entity as "a container" on
Linux, the functionality of lxc being a construct of several underlying
features, lxc appears to me to be trying to construct a consistent
abstraction on those features. The unit of reference throughout the
This is expected. lxc-execute allows you to run commands without a
rootfs. Other isolation mechanisms are still available. Say, you have
sub{u,g}ids defined and you want to run a shell in a set of new
namespaces, including user namespaces, you can do:
sudo lxc-execute -n ns1 -l debug -o AAA -s
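
As an added example (not part of the original reply), a pre-flight check for the "sub{u,g}ids defined" precondition: it reads files in the name:start:count format of /etc/subuid and /etc/subgid and prints the matching lxc.idmap lines (the key name used by LXC 3.0 and later). The function names are hypothetical, the sample data is constructed, and entries are assumed to be keyed by user name.

```shell
#!/bin/sh
# Added example: derive lxc.idmap lines from subuid/subgid-format files.

# emit_idmap KIND USER FILE
# KIND is "u" or "g"; FILE uses the name:start:count format of /etc/subuid.
# Every range owned by USER is mapped to container ids consecutively from 0.
# Exits non-zero when USER has no usable range (or FILE is unreadable).
emit_idmap() {
    awk -F: -v kind="$1" -v user="$2" '
        $1 == user && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ && $3 > 0 {
            printf "lxc.idmap = %s %d %s %s\n", kind, next_id, $2, $3
            next_id += $3
            found = 1
        }
        END { exit(found ? 0 : 1) }
    ' "$3"
}

# user_idmap USER [SUBUID_FILE] [SUBGID_FILE]
# Prints nothing and returns 1 unless both a uid and a gid range exist,
# so a half-defined mapping is never handed to the container config.
user_idmap() {
    uid_lines=$(emit_idmap u "$1" "${2:-/etc/subuid}") || {
        echo "no subuid range for $1" >&2; return 1; }
    gid_lines=$(emit_idmap g "$1" "${3:-/etc/subgid}") || {
        echo "no subgid range for $1" >&2; return 1; }
    printf '%s\n%s\n' "$uid_lines" "$gid_lines"
}

# Constructed sample data (not taken from a real host).
demo_dir=$(mktemp -d)
printf 'alice:100000:65536\nbob:165536:65536\nalice:300000:1000\n' \
    > "$demo_dir/subuid"
printf 'alice:100000:65536\n' > "$demo_dir/subgid"

# alice has two uid ranges and one gid range: three idmap lines.
user_idmap alice "$demo_dir/subuid" "$demo_dir/subgid"
# bob has a uid range but no gid range: rejected as incomplete.
user_idmap bob "$demo_dir/subuid" "$demo_dir/subgid" ||
    echo "bob: incomplete mapping, not starting a user namespace"
rm -rf "$demo_dir"
```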