Enable user namespaces

Requirements

First enable the sysctl:

Reload sysctl's with sysctl --system

User (G/U)IDs

Setup LXC mappings in /etc/lxc/default.conf.

lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536

Edit shadow files for g/uids

root:100000:65536
john:165536:231072

root:100000:65536
john:165536:231072

Now add changed mapping to userns containers.

References

• https://wiki.archlinux.org/index.php/Linux_Containers#Enable_support_to_run_unprivileged_containers_.28optional.29

• https://stgraber.org/2017/06/15/custom-user-mappings-in-lxd-containers/