User Namespaces

Enable user namespaces

Requirements

First enable the sysctl:

echo 'kernel.unprivileged_userns_clone = 1' | tee /etc/sysctl.d/20-unprivileged_userns.conf

Reload the sysctl settings with sysctl --system

User (G/U)IDs

Set up the LXC ID mappings in /etc/lxc/default.conf:

lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536

Edit the subordinate ID files (/etc/subuid and /etc/subgid) for the UIDs/GIDs:

cat /etc/subuid /etc/subgid
root:100000:65536
john:165536:231072

root:100000:65536
john:165536:231072

Now add the changed mapping to the userns containers.
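
The check below is an added example, not part of the original page: it verifies that the host range in each lxc.idmap line falls inside a range that a subuid/subgid-style file delegates to a given user, using the values shown above. The function name idmap_delegated, the temporary file names and the john.conf mapping are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example (not from the original page); idmap_delegated is a hypothetical helper.
# idmap_delegated USER KIND SUBID_FILE LXC_CONF
#   KIND is "u" (check against /etc/subuid) or "g" (check against /etc/subgid).
#   Returns 0 only if LXC_CONF has at least one "lxc.idmap = KIND ..." line and
#   every such line's host range lies inside one range delegated to USER.
idmap_delegated() {
    awk -v user="$1" -v kind="$2" '
        # First file: name:start:count ranges delegated to the user.
        FILENAME == ARGV[1] {
            split($0, f, ":")
            if (f[1] == user) { n++; lo[n] = f[2] + 0; hi[n] = f[2] + f[3] }
            next
        }
        # Second file: lxc.idmap = <u|g> <container_start> <host_start> <count>
        { gsub(/=/, " = ") }    # tolerate "lxc.idmap=u ..." written without spaces
        $1 == "lxc.idmap" && $3 == kind {
            seen = 1; ok = 0
            for (i = 1; i <= n; i++)
                if ($5 + 0 >= lo[i] && $5 + $6 <= hi[i]) ok = 1
            if (!ok) bad = 1
        }
        END { if (seen && !bad) exit 0; exit 1 }
    ' "$3" "$4"
}

# Constructed sample files holding the values shown on this page.
demo=$(mktemp -d)
printf 'root:100000:65536\njohn:165536:231072\n' > "$demo/subuid"
printf 'lxc.idmap = u 0 100000 65536\nlxc.idmap = g 0 100000 65536\n' > "$demo/default.conf"
# Constructed per-container mapping shifted into the range listed for john.
printf 'lxc.idmap = u 0 165536 65536\n' > "$demo/john.conf"

for pair in "root default.conf" "john default.conf" "john john.conf"; do
    set -- $pair
    if idmap_delegated "$1" u "$demo/subuid" "$demo/$2"; then
        echo "$1 + $2: host range is delegated"
    else
        echo "$1 + $2: host range is NOT delegated to $1"
    fi
done
```

With the page's values, the default mapping sits in root's range and fails for john until the host start is moved into john's range, which is the changed mapping the last step refers to.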
