[pkg-lxc-devel] Bug#878955: Drop root permissions by default like other sshd, postfix, and others

Nicholas D Steeves nsteeves at gmail.com
Wed Oct 18 00:34:52 UTC 2017


Package: lxc
Version: 1:2.0.7-2
Severity: normal

Dear Maintainer[s],

Sshd, postfix, and most other system services drop permissions as quickly as possible.  Given that LXC supports unprivileged containers, could we please do the following?

1. Create an lxc user and group
2. Default to unprivileged container creation
   - in /var/lib/lxc, as we do now
3. Use lxc for both /etc/subuid and /etc/subgid
4. Default permissive policy when upgrading
   a. include a file to allow bind mounts
   b. include a file to allow more permissive networking
   c. and others
5. Default restrictive policy for fresh installations

I'm working on many other projects at the moment, so it will be a while before I can contribute anything towards solving this bug.

I also wonder if the LXC "pivot" can be leveraged in case (a) is infeasible.  E.g.: as root, set up mounts in pre-location, pivot into place, drop permissions to lxc:lxc.  Then, when stopping a container as root, reverse this sequence.

Proxmox is downstream from Debian and IIRC has transitioned from OpenVZ to LXC, so maybe we could consult them and merge some of their work?

Cheers,
Nicholas
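
The following is an added example, not part of the original message or of the lxc package: a check that a container config carries an ID map and that the map stays inside the subordinate ranges delegated to one account, as items 1 to 3 of the request would require. The `lxc` account, the ranges, the function names and all sample file contents are assumptions constructed for illustration; `lxc.id_map` is the LXC 2.0 key (`lxc.idmap` from 2.1).

```python
# Added example. The "lxc" account and all sample contents are constructed.
SUBID = "root:100000:65536\nlxc:200000:65536\n"  # used as subuid and subgid text
UNPRIV = "lxc.id_map = u 0 200000 65536\nlxc.id_map = g 0 200000 65536\n"
WRONG_RANGE = "lxc.id_map = u 0 100000 65536\nlxc.id_map = g 0 200000 65536\n"
PRIVILEGED = "lxc.utsname = c1\n"                # no ID map at all

def parse_subid(text, user):
    """Return [(start, count)] delegated to `user` in subuid/subgid text."""
    ranges = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) == 3 and parts[0] == user:
            ranges.append((int(parts[1]), int(parts[2])))
    return ranges

def parse_id_map(config):
    """Return [(kind, container_id, host_id, count)]; malformed lines raise ValueError."""
    maps = []
    for line in config.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip() in ("lxc.id_map", "lxc.idmap"):
            kind, cid, hid, count = value.split()
            maps.append((kind, int(cid), int(hid), int(count)))
    return maps

def audit(config, subuid, subgid, user="lxc"):
    """Return a list of findings; an empty list means the map is acceptable."""
    findings = []
    maps = parse_id_map(config)
    allowed = {"u": parse_subid(subuid, user), "g": parse_subid(subgid, user)}
    for kind in ("u", "g"):
        if not any(m[0] == kind for m in maps):
            findings.append(f"no {kind} map: container is privileged")
    for kind, _cid, hid, count in maps:
        # The whole host range must sit inside one delegated range.
        ok = any(s <= hid and hid + count <= s + n
                 for s, n in allowed.get(kind, []))
        if not ok:
            findings.append(f"{kind} map {hid}+{count} outside {user}'s range")
    return findings

if __name__ == "__main__":
    for name, cfg in (("unpriv", UNPRIV), ("wrong", WRONG_RANGE),
                      ("privileged", PRIVILEGED)):
        print(name, audit(cfg, SUBID, SUBID))
```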