How to make an LXD container private (not visible by other users)

lxd
security

(Gregsifr) #1

How to make certain containers not visible to all users?

For example is it possible to have root create a container which normal users cannot see?


#2

Currently, for a user to be able to use the local LXD server, they just need to be members of the lxd group.

There is currently no notion of multiple users of an LXD server (called multi-tenancy), though it may happen in the future,

What is your user-case? Do you have a server where multiple users connect through SSH?


(Idef1x) #3

Speaking for myself maybe, but a usecase could be sharing a server among multiple administrators and you don't want them to see or (be able to) mess with each others containers.


(Gregsifr) #5

Exactly this - it's similar to how users don't share their home folder. On top of this different users have a different level of access which is where permissions and visibility would be fantastic.