Roughly systemd-nspawn -bD /tmp/dir is what I want to achieve in lxc but without privilege.
This config doesn’t work, as an unprivileged container is not able to mount sysfs. Any way around this error?
# lxc-start -F op24
lxc-start: op24: ../src/lxc/utils.c: safe_mount: 1330 Operation not permitted - Failed to mount "sysfs" onto "/usr/lib/lxc/rootfs/sys"
lxc-start: op24: ../src/lxc/conf.c: lxc_mount_auto_mounts: 618 Operation not permitted - Failed to mount "sysfs" on "/usr/lib/lxc/rootfs/sys" with flags 0
LXC (and Incus) create system containers, which are somewhat different from the containers created by systemd-nspawn. In a system container, the system is just like another physical computer or virtual machine: it gets an IP address of its own and does not share one with the host.
With LXC and Incus you have the following options:
Get an IP address from a private bridge (commonly named lxcbr0 for LXC and incusbr0 for Incus). That is the default setup.
Get an IP address from the LAN, just like the host computer does. In that case, the system container and the host can communicate over the network. Here you would be using one of the following networking options: bridged networking, macvlan, ipvlan, routed (and a few more). In addition, if you have a separate and unused network card, you can assign it to a system container.
For example, with bridged networking, if the host has the IP address 192.168.100.x, then your containers would get IP addresses in that range as well.
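To make the two networking options above concrete for the unprivileged, boot-a-directory case the question asks about, here is an editor-added LXC configuration. It is not part of the original post or of the LXC project's shipped configs. It assumes the container is named op24 and its rootfs is /tmp/dir (as in the question), that the host already has the default lxcbr0 bridge, that the user running lxc-start owns the subordinate range 100000-165535 in /etc/subuid and /etc/subgid, that /etc/lxc/lxc-usernet grants that user veth devices on lxcbr0, and (for the macvlan variant) that the host NIC is eth0. The files under /tmp/dir must be owned by the mapped ids (host uid 100000 for container root, and so on), or root inside the container will see them as owned by nobody. One practical note: the kernel only lets a user namespace mount sysfs when that namespace also owns the network namespace, so an unprivileged container needs its own network namespace; any lxc.net.0.type other than none creates one, and the veth device below does exactly that.

```ini
# Added example, not from the original post or the LXC project.
# Unprivileged LXC container booting the directory /tmp/dir, the LXC
# counterpart of `systemd-nspawn -bD /tmp/dir`.
# Save as ~/.config/lxc/op24/config and start with:  lxc-start -n op24 -F
# Assumptions: lxcbr0 exists on the host, the user owns 100000-165535 in
# /etc/subuid and /etc/subgid, and /etc/lxc/lxc-usernet allows veth on lxcbr0.

lxc.include = /usr/share/lxc/config/common.conf
lxc.include = /usr/share/lxc/config/userns.conf

lxc.uts.name = op24
lxc.rootfs.path = dir:/tmp/dir

# Map container uid/gid 0-65535 onto the subordinate range owned by the user.
# This range must match /etc/subuid and /etc/subgid for the invoking user.
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536

# Auto-mounts that an unprivileged container is allowed to perform:
# /proc with sensitive paths read-only, /sys read-only, cgroups mixed.
lxc.mount.auto = proc:mixed sys:ro cgroup:mixed

# Option 1 (the default layout): veth pair attached to the private bridge
# lxcbr0. The container gets its own network namespace and an address from
# the bridge's private range; host and container talk to each other via lxcbr0.
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up

# Option 2: an address from the LAN via macvlan on the host NIC (assumed eth0),
# so the container appears on the same subnet as the host (e.g. 192.168.100.x).
# To use it, comment out the three lxc.net.0 lines above and uncomment these.
# lxc.net.0.type = macvlan
# lxc.net.0.macvlan.mode = bridge
# lxc.net.0.link = eth0
# lxc.net.0.flags = up
```

With option 1 the container's address comes from the lxcbr0 range (the default setup described above); with option 2 it comes from the LAN's DHCP server, like the bridged example with 192.168.100.x. Because lxc.mount.auto is set explicitly after the includes, the sys:ro choice here wins regardless of what the included files set for that category.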