Check privileged or unprivileged

Hi is there a way to check if the created LXC container is privileged or unprivileged?

If it’s a LXD container, look for “security.privileged: true” in “lxc config show --expanded NAME”. If it’s there, it’s a privileged container, if it’s not, it’s an unprivileged container.

For LXC, you can check for lxc.id_map lines in your container’s configuration file.

Another easy trick is to look for the owner of /proc in the container (through “lxc exec” or “lxc-attach”). If you see it as nobody/nogroup, it’s an unprivileged container, if you see it as root/root, it’s a privileged container.

1 Like