I’m loking for a way to let users, when logging in to a host A, be directed through some mechanism, into a lxc container B, running on host A.
By that, confining those logged in users to those lxc instances.
A few users might need to be excluded, or, a separate ssh-server be running beside with this behavior disabled for admin purposes.
Is this possible with lxc + sshd somehow?
A great way to let many users use a single host for login sessions while still confining them to a lxc.
Hello is this thread adding anything to your search ?
Thanx @gpatel-fr , it did. I will try experiment with this and see if I can get somewhere.
My use case is to have users be able to get a fresh container at each login session, with their respective /home/$USER being the only thing accessible from each session.
I’m not sure it’s possible and if not, I’m interested in exploring if I can instead launch a VNC session and have that vnc spawn an lxc with an xterm running.
Over all is to jail a user session, while still allow the user to install and modify the container freely.
I remember now that there is a LXD turnkey extension, you could check it out to see if it fits your requirements; it may be wild overkill for you but possibly it could bring your other things that could be of interest.
I have absolutely no link with this project and I cannot even give an advice on its quality, I have never tried it.