Find container by owner (uid) of the process


(Alejandro Izquierdo) #1

From the host, all process of a container haves a asociated uid, like “165651”. The point is I’ve search in cgroups and /procs and I can’t find any way to locate the container associated with this uid.

How could do that?

Thanks


#2

Those UIDs are not unique to a particular container. Other containers could have the same UID as well.

Their value is derived from the contents of /etc/subuid.
In your case, this file should look something like

$ cat /etc/subuid
myusername:165536:65536

This means that the unprivileged containers on your system will get UIDs from a reserved space.
On your host, the UIDs are in the range of 0 (for root) to 65534 (for nobody).
On your host, there are no UIDs that are over 65534.

Therefore, LXD is using for the container processes, in your case, the unused UID range 165536 (for root) up to 165536+65536=231072 (for nobody). In the container, the processes will see UIDs between 0 and 64524 but on the host (as you are seeing now) those are in the range of 165536 to 231072.

That specific UID 165651 that you mention above, would have inside a container the UID value of 165651-165536=115. A stock Ubuntu 18.04 LXD container without additional services has a UID (for services) of up to 110 (service: pollinate), therefore you more likely installed several services there or you are running some other container image with more pre-installed services.


(Alejandro Izquierdo) #3

oh, well. I thought the uid was diferent per container.

thanks!