no privi lxc
lxc privileged container config
# Template used to create this container: /usr/share/lxc/templates/lxc-local
# Parameters passed to the template: -f /home/level/artixlinux.tar.xz -m /home/level/artixmeta.tar.xz
# For additional config options, please look at lxc.container.conf(5)
# NOTE(review): this file sets no lxc.idmap and has no active lxc.include, so
# the container runs privileged: uid 0 inside is uid 0 on the host. Nothing in
# this file drops capabilities or loads a seccomp profile. Read every grant
# below as a grant to host root.
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# Distribution configuration
# Template used to create this container: /usr/share/lxc/templates/lxc-busybox
# Parameters passed to the template:
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
# lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# lxc.signal.reboot = SIGTERM
# lxc.signal.halt = SIGTERM
# Mark the container for automatic start (consumed by lxc-autostart).
lxc.start.auto = 1
# No LXC-allocated ttys; up to 100 ptys in the container.
lxc.tty.max = 0
lxc.pty.max = 100
# NOTE(review): the capability drop below is commented out, so this file
# leaves sys_module, mac_admin, mac_override and sys_time with container root.
# lxc.cap.drop = sys_module mac_admin mac_override sys_time
# AppArmor: "generate" makes LXC build a per-container profile (this is not the
# "unconfined" setting the template comment referred to). allow_nesting = 1
# adjusts the generated profile so nested containers can be created.
lxc.apparmor.profile = generate
lxc.apparmor.allow_nesting = 1
# Device cgroup allow rules: character devices, read/write/mknod (rwm).
# Majors per the kernel's devices.txt: 4 = virtual consoles and serial ttys,
# 5:0 = /dev/tty, 10 = misc, 13 = input, 29 = framebuffer, 81 = video4linux,
# 189 = USB, 226 = DRI (226:1 card1, 226:128 renderD128). Major 242 is in the
# dynamically assigned range, so the driver behind it is host-specific.
# 10:* already covers the 10:242, 10:232 (/dev/kvm) and 10:229 (/dev/fuse)
# lines at the end of the list.
# NOTE(review): no lxc.cgroup.devices.deny rule appears in this file; allow
# rules only narrow access when a deny-all precedes them - verify. These are
# cgroup v1 keys; on a cgroup2-only host the equivalent key is
# lxc.cgroup2.devices.allow - confirm which hierarchy the host uses.
lxc.cgroup.devices.allow = c 4:* rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 10:* rwm
lxc.cgroup.devices.allow = c 242:* rwm
lxc.cgroup.devices.allow = c 29:0 rwm
lxc.cgroup.devices.allow = c 226:1 rwm
lxc.cgroup.devices.allow = c 226:128 rwm
lxc.cgroup.devices.allow = c 13:* rwm
lxc.cgroup.devices.allow = c 81:* rwm
lxc.cgroup.devices.allow = c 189:* rwm
lxc.cgroup.devices.allow = c 10:242 rwm
lxc.cgroup.devices.allow = c 10:232 rwm
lxc.cgroup.devices.allow = c 10:229 rwm
# NOTE(review): proc:rw and sys:rw mount /proc and /sys writable. In a
# privileged container that leaves host kernel tunables under /proc/sys and
# /sys writable by container root; proc:mixed with sys:ro or sys:mixed is the
# more restrictive choice where the workload allows it.
lxc.mount.auto = cgroup:mixed:force proc:rw sys:rw cgroup-full:mixed:force
# Private tmpfs for /dev/shm.
lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0
# Host device nodes bind-mounted into the container. "optional" means a
# missing source is skipped instead of failing the container start.
# GPU, USB bus and framebuffer:
lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir 0 0
lxc.mount.entry = /dev/bus dev/bus none bind,optional,create=dir 0 0
# lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir 0 0
lxc.mount.entry = /dev/fb0 dev/fb0 none bind,optional,create=file 0 0
# Storage control nodes (ZFS, cachefiles, bcache):
lxc.mount.entry = /dev/zfs dev/zfs none bind,optional,create=file 0 0
lxc.mount.entry = /dev/cachefiles dev/cachefiles none bind,optional,create=file 0 0
lxc.mount.entry = /dev/bcache dev/bcache none bind,optional,create=dir 0 0
# NOTE(review): /dev/uinput and /dev/psaux here, plus /dev/input further down,
# give the container the host's input stack: it can read host keyboard and
# mouse events and create synthetic input devices. Pass these through only if
# the container really is the desktop session.
lxc.mount.entry = /dev/uinput dev/uinput none bind,optional,create=file 0 0
lxc.mount.entry = /dev/autofs dev/autofs none bind,optional,create=file 0 0
lxc.mount.entry = /dev/psaux dev/psaux none bind,optional,create=file 0 0
# NOTE(review): raw host block devices (whole disks sda and sdc, partitions of
# sda/sdb/sdc, bcache0-2). A privileged container root that can open these
# reads and rewrites host filesystems without going through host file
# permissions. The allow list above has no "b" rules, so whether the nodes are
# usable depends on the device cgroup actually in force - verify, and prefer
# handing in a mounted directory or dataset over the raw device.
lxc.mount.entry = /dev/sda dev/sda none bind,optional,create=file 0 0
# lxc.mount.entry = /dev/sda1 dev/sda1 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sda2 dev/sda2 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sda3 dev/sda3 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sda4 dev/sda4 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sdb1 dev/sdb1 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sdb2 dev/sdb2 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sdb3 dev/sdb3 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sdb4 dev/sdb4 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sdc dev/sdc none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sdc1 dev/sdc1 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sdc2 dev/sdc2 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/sdc3 dev/sdc3 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/bcache0 dev/bcache0 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/bcache1 dev/bcache1 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/bcache2 dev/bcache2 none bind,optional,create=file 0 0
#lxc.mount.entry = /dev/sdd dev/sdd none bind,optional,create=file 0 0
#lxc.mount.entry = /dev/sdd1 dev/sdd1 none bind,optional,create=file 0 0
#lxc.mount.entry = /dev/sdd2 dev/sdd2 none bind,optional,create=file 0 0
#lxc.mount.entry = /dev/sdd3 dev/sdd3 none bind,optional,create=file 0 0
# Host virtual consoles tty0-tty8.
lxc.mount.entry = /dev/tty0 dev/tty0 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/tty1 dev/tty1 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/tty2 dev/tty2 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/tty3 dev/tty3 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/tty4 dev/tty4 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/tty5 dev/tty5 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/tty6 dev/tty6 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/tty7 dev/tty7 none bind,optional,create=file 0 0
lxc.mount.entry = /dev/tty8 dev/tty8 none bind,optional,create=file 0 0
# KVM, input event nodes, VGA arbiter and /dev/net (tun).
lxc.mount.entry = /dev/kvm dev/kvm none bind,optional,create=file 0 0
lxc.mount.entry = /dev/input dev/input none bind,optional,create=dir 0 0
lxc.mount.entry = /dev/vga_arbiter dev/vga_arbiter none bind,optional,create=file 0 0
lxc.mount.entry = /dev/net dev/net none bind,optional,create=dir 0 0
lxc.mount.entry = mqueue dev/mqueue mqueue defaults,optional,create=dir 0 0
# ZFS dataset world/home/sdduser mounted as home/level inside the container.
lxc.mount.entry = world/home/sdduser home/level zfs create=dir,optional 0 0
# NOTE(review): /tmp/tmux-1000 is where tmux keeps the server socket for uid
# 1000 by default. Binding it in (as dev/hostctl) gives container processes a
# path to that user's host tmux sessions, i.e. a control channel back out of
# the container - confirm this is intended and limit who can reach it inside.
lxc.mount.entry = /tmp/tmux-1000 dev/hostctl none bind,optional,create=dir 0 0
# Container specific configuration
lxc.rootfs.path = dir:/staros/deskmin
# lxc/kinetic/rootfs
# lxc.rootfs.options = nobarrier,journal_async_commit,data=writeback
# lxc.rootfs.path = dir:/root/lxcbox/manjaro/rootfs
lxc.uts.name = kinetic
# Network configuration
# NOTE(review): type "none" shares the host's network namespace (see
# lxc.container.conf(5)): host interfaces and host abstract unix sockets are
# visible inside, and a privileged container root can reconfigure host
# networking. A veth on a bridge (the commented lines below) keeps a separate
# namespace.
lxc.net.0.type = none
# lxc.net.0.link = lxcbr0
# lxc.net.0.flags = up
# lxc.net.0.hwaddr = 00:16:3e:28:3c:9b
# lxc.tmpfs.size = 1024m
# lxc.rootfs.path = dir:/staros/deskmin/var/lib/lxc/fedora/rootfs
lxc non privileged container in lxc privileged container config
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template: --dist ubuntu --release bionic --arch amd64
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# Distribution configuration
# Stock includes shipped with LXC; their contents are not shown here.
lxc.include = /usr/share/lxc/config/common.conf
lxc.include = /usr/share/lxc/config/userns.conf
lxc.arch = linux64
# Container specific configuration
lxc.include = /etc/lxc/default.conf
# lxc.idmap format: <u|g> <first id in container> <first id on host> <count>.
# Container uid/gid 0 maps to host id 100000; container ids 1-65536 map to
# host ids 1-65536 unchanged.
# NOTE(review): the second pair is an identity map. Every non-root id inside
# is the same id outside, so bind-mounted files are accessed with real host
# identities, and container root, which may switch to any mapped id, can act
# as any of them. A user-namespace container normally maps its whole range
# into a dedicated high block (100000 and up). If this container runs nested
# inside another one, "host" here means the outer container.
lxc.idmap = u 0 100000 1
lxc.idmap = g 0 100000 1
lxc.idmap = u 1 1 65536
lxc.idmap = g 1 1 65536
lxc.rootfs.path = dir:/home/level/.local/share/lxc/bionic/rootfs
lxc.uts.name = bionic
# Network configuration
# Device pass-through is disabled in this container; only /dev/autofs and the
# build directories below are bound in.
# lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0
# lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir 0 0
# lxc.mount.entry = /dev/bus dev/bus none bind,optional,create=dir 0 0
# lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir 0 0
# lxc.mount.entry = /dev/fb0 dev/fb0 none bind,optional,create=file 0 0
# lxc.mount.entry = /dev/uinput dev/uinput none bind,optional,create=file 0 0
# lxc.mount.entry = /dev/psaux dev/psaux none bind,optional,create=file 0 0
# lxc.cgroup.devices.allow = c 10:* rwm
lxc.mount.entry = /dev/autofs dev/autofs none bind,optional,create=file 0 0
# Working directories under /ubuntu_bionic_1804 bound read-write at dist,
# local, build and origin in the container root. With the identity id map
# above, files written there carry real host uids.
lxc.mount.entry = /ubuntu_bionic_1804/dist dist none bind,optional,create=dir 0 0
lxc.mount.entry = /ubuntu_bionic_1804/local local none bind,optional,create=dir 0 0
lxc.mount.entry = /ubuntu_bionic_1804/build build none bind,optional,create=dir 0 0
lxc.mount.entry = /ubuntu_bionic_1804/origin origin none bind,optional,create=dir 0 0
# lxc.mount.entry = /automount automount none bind,optional,create=dir 0 0
# Fixed MAC and static IPv4 address with broadcast. lxc.net.0.type and
# lxc.net.0.link are not set in this file; presumably they come from the
# included /etc/lxc/default.conf - verify.
lxc.net.0.hwaddr = a2:8f:b7:3c:1e:32
lxc.net.0.ipv4.address = 192.168.1.11/24 192.168.1.255
lxc alpine config
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template: -a amd64 -d alpine -r 3.20
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# Distribution configuration
# Stock includes shipped with LXC; their contents are not shown here.
lxc.include = /usr/share/lxc/config/common.conf
lxc.include = /usr/share/lxc/config/userns.conf
lxc.arch = linux64
# Container specific configuration
lxc.include = /etc/lxc/default.conf
# lxc.idmap format: <u|g> <first id in container> <first id on host> <count>.
# lxc.idmap = u 0 100000 1
# lxc.idmap = g 0 100000 1
# NOTE(review): container ids 0-65534 map to host ids 1-65535, so container
# root is host uid 1 and container id N is host id N+1 (container uid 999 is
# host uid 1000). The mapped range overlaps the host's real system and login
# accounts instead of a dedicated subordinate block such as 100000-165535,
# which weakens the isolation a user namespace is meant to give. It also
# requires the user's /etc/subuid and /etc/subgid entries to delegate host
# ids starting at 1.
lxc.idmap = u 0 1 65535
lxc.idmap = g 0 1 65535
lxc.rootfs.path = dir:/home/level/.local/share/lxc/g2024/rootfs
lxc.uts.name = g2024
# Network configuration
# Time namespace offsets: boot-time and monotonic clocks inside the container
# are shifted by one hour. Needs time-namespace support in the kernel and LXC.
lxc.time.offset.boot=1h
lxc.time.offset.monotonic=1h
ubuntu/noble lxc config
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template: -d ubuntu -a amd64 -r noble
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# Distribution configuration
# Stock includes shipped with LXC; their contents are not shown here.
lxc.include = /usr/share/lxc/config/common.conf
lxc.include = /usr/share/lxc/config/userns.conf
lxc.arch = linux64
# Container specific configuration
lxc.include = /etc/lxc/default.conf
# lxc.idmap format: <u|g> <first id in container> <first id on host> <count>.
# lxc.idmap = u 0 100000 1
# lxc.idmap = g 0 100000 1
# NOTE(review): container ids 0-65534 map to host ids 1-65535, so container
# root is host uid 1 and container id N is host id N+1. The range overlaps
# real host accounts instead of a dedicated subordinate block (100000 and up),
# and it only works if /etc/subuid and /etc/subgid delegate host ids starting
# at 1 to this user.
lxc.idmap = u 0 1 65535
lxc.idmap = g 0 1 65535
lxc.rootfs.path = dir:/home/level/.local/share/lxc/noble/rootfs
lxc.uts.name = noble
# Network configuration
cat .config/lxc/default.conf
# Per-user default id map applied to new unprivileged containers:
# container ids 0-65534 -> host ids 1-65535.
# NOTE(review): this maps into the host's own account range (container root
# is host uid 1) and needs /etc/subuid and /etc/subgid to delegate host ids
# from 1 upward, which hands this user every non-root id on the host. A
# dedicated block such as 100000-165535 keeps container ids separate from
# real accounts.
lxc.idmap = u 0 1 65535
lxc.idmap = g 0 1 65535
cat /etc/subuid
test:1:165536
cat /etc/subgid
test:1:165536
cat /etc/lxc/lxc-usernet
test veth lxcbr0 10