[arch-general] UID/GID of a systemd container

Leonid Isaev leonid.isaev at jila.colorado.edu
Thu Dec 22 18:04:53 UTC 2016 

On Thu, Dec 22, 2016 at 05:52:10PM +0000, arnaud gaboury wrote:
> On Thu, Dec 22, 2016, 6:16 PM Leonid Isaev <leonid.isaev at jila.colorado.edu>
> wrote:
> 
> > On Thu, Dec 22, 2016 at 09:16:29AM +0000, arnaud gaboury via arch-general
> > wrote:
> > >  % systemctl --version
> > > systemd 232
> > > +PAM -AUDIT -SELINUX -IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP
> > > +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN
> > >
> > > % uname -r
> > > 4.8.13-1-hortensia (username space is set to YES)
> > > ------------------------------------------------
> > >
> > > My setup: Archlinux host managing through systemd-nspawn a Fedora
> > container
> > > on Btrfs.
> > >
> > > I don't know what upgrade (kernel, Fedora 24 --> 25, systemd....)
> > trigered
> > > this change, but UID/GID of my container are no more shown as before.
> > >
> > > list container directory from host:
> > >
> > >  # ls -al /var/lib/machines/poppy
> > >
> > > dr-xr-xr-x 1 vu-poppy-0 vg-poppy-0   198 Dec 16 17:32 ./
> > > drwx------ 3 root       root        4.0K Dec 15 17:08 ../
> > > dr-xr-xr-x 1 vu-poppy-0 vg-poppy-0     0 Feb  3  2016 boot/
> > > drwxrwxr-x 1 vu-poppy-0 vg-poppy-0    62 Aug 26 19:59 db/
> > > drwxr-xr-x 1 vu-poppy-0 vg-poppy-0     8 Apr 27  2015 dev/
> > > drwxr-xr-x 1 vu-poppy-0 vg-poppy-0  4.2K Feb  3  2016 etc/
> > > drwxr-xr-x 1 vu-poppy-0 vg-poppy-0    86 Feb  3  2016 home/
> > >
> > > Before it was like this:
> > >
> > > # ls -al /var/lib/machines/poppy/
> > >
> > > dr-xr-xr-x 1 363397120 363397120  198 Oct  4 15:54 ./
> > > drwx------ 3 root      root      4.0K Oct  1 15:53 ../
> > > dr-xr-xr-x 1 363397120 363397120    0 Feb  3  2016 boot/
> > > drwxrwxr-x 1 363397120 363397120   62 Aug 26 19:59 db/
> > > drwxr-xr-x 1 363397120 363397120    8 Apr 27  2015 dev/
> > > drwxr-xr-x 1 363397120 363397120 4.1K Feb  3  2016 etc/
> > > drwxr-xr-x 1 363397120 363397120   76 Feb  3  2016 home/
> > >
> > > ------------------------------------------------------------
> > >
> > > Thank you for any hint, link to documentation about this new way to show
> > > UID/GID of a container.
> >
> > You are using user namespaces, yes?
> >
> 
> Yes, so? How can it explains the recent changes ?

So, how can we know about recent changes if you build your own kernel? -ARCH
kernels have CONFIG_USER_NS disabled.

-- 
Leonid Isaev

More information about the arch-general mailing list