Only "local" group allowed for daemon.user.group

LXD allows non-privileged users to run lxc commands. You can do that by specifying the daemon.user.group.

However, when I try that with a group from FreeIPA/SSSD it doesn’t work. There is no error message, but the file /var/snap/lxd/common/lxd-user/unix.socket remains owned by root.lxd. It only works with a group that is present in /etc/group.

Is this a problem/limitation of lxd or snap?

Could it be related to this: Easy multi-user LXD setup - Desktop - Ubuntu Community Hub ?

Any thoughts @stgraber sounds like it could be snap limitation?

Quite likely as the chown occurs from within the snap environment and in that environment, it’s unable to resolve the group name.

Setting the config key to the group id instead may work.

Too bad, setting the group with a numeric value does not work either.