Logging in a container as a normal user


From what I see LXC/LXD is great for checking out different Linux distro’s.
But to get a good grip on how it is to use the distro in day-to-day work, you usually need to run as the normal (non-root) user.

To get the nonprivileged user console in a container spawned from the official Ubuntu image, I do:

$ lxc launch ubuntu: some-ubuntu
$ lxc exec some-ubuntu -- /bin/bash
$ su ubuntu

Is there some other, more elegant way of doing that?

lxc exec some-ubuntu -- su ubuntu

Should work and is a bit shorter.

1 Like

There are

lxc exec some-ubuntu -- su --login ubuntu


lxc exec some-ubuntu -- sudo --login --user ubuntu

which get you into a login shell for user ubuntu.

If might be good to have some shell shortcut. For bash,

lxcsh() { lxc exec "$1" -- sudo --login --user ubuntu; }

(you can add this in ~/.bashrc on the host).

Then, you can

$ lxcsh some-ubuntu

Instead of defining this as a shell function, you can also define it as an lxc alias.

stgraber@castiana:~$ lxc ubuntu snapcraft
sudo: unable to resolve host snapcraft
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@snapcraft:~$ logout
stgraber@castiana:~$ cat .config/lxc/config.yml 
default-remote: local
    addr: https://images.linuxcontainers.org
    public: true
    protocol: simplestreams
  delete: delete -f
  list: list -c ns46
  shell: exec @ARGS@ -- bash
  ubuntu: exec @ARGS@ -- sudo --login --user ubuntu

@stgraber Sir would you like to help me in how to login to lxd container?

Your command is correct but I prefer somthing like:
lxc exec container-name -- su --shell /bin/bash --login user-name

See also https://blog.simos.info/using-command-aliases-in-lxd-to-exec-a-shell/

1 Like

Oh yes. Better detailed than the documentation about this. Really intresting :+1:

In 2022 (since I don’t know when) we can do:

lxc shell --user <user-id>

But it asks for the password. And it doesn’t accept it, it fails with su: Authentication failure. I tested from within the container switching from unprivileged user to unprivileged user and I can login.

The user id I get it with id <username> --user, and also I double checked the /etc/ passwd file.

If I run it without the --user flag, I will simply log as root (no password asked).

How can I make lxc shell --user <user-id> launch the shell without asking me the password?

Aside feature request: support user name beside user id in the --user flag for the shell command.