Hi there! I have the following problem:
I launched a new lxc container with lxc launch ubuntu:20.04 sift
Got in its bash with lxc exec sift bash
Now I’m root. I don’t want that so I su ubuntu
Now as the ubuntu non-root user of the container I try to use sudo but I get sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
I’ve various things online but nothing seems to work. To save space I moved my containers to my 1TB hard drive using a ln -s. Could this be the case? Any ideas?
Edit: The result of ls -lh /usr/bin/sudo: -rwxrwxrwx 1 nobody nogroup 163K Jan 19 14:21 /usr/bin/sudo
And if I try to run chown root:root /usr/bin/sudo nothing changes.
In the example you give, you would need to su - ubuntu or su --login ubuntu to get a properly setup shell, a login shell. Without that, you get weird Unix behaviour like the errors you point above.
I deleted my old container since I did various stuff with chown and chmod and created a new one so I can make a fresh start. I executed lxc exec sift -- sudo --user ubuntu --login and I got:
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: /usr/lib/sudo/sudoers.so must be owned by uid 0
sudo: fatal error, unable to load plugins
Again similar to what I got before but with a few more stuff into it.
That output looks weird. As if the container is not fresh.
Here is how it looks on my system. The container image is ubuntu:, which defaults to ubuntu:20.04 because that is the current latest stable Ubuntu LTS release.
$ lxc launch ubuntu: mycontainer
Creating mycontainer
Starting mycontainer
$ lxc exec mycontainer -- sudo --user ubuntu --login
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
ubuntu@mycontainer:~$ id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),117(netdev),118(lxd)
ubuntu@mycontainer:~$
$ lxc exec sift bash
root@sift:~# su ubuntu
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
ubuntu@sift:/root$ id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),117(netdev),118(lxd)
ubuntu@sift:/root$ sudo
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
Now a thing that alerts me is that my hdd (where I have moved my containers to save space) is a NTFS hdd. Could this cause problems to my containers?
The problem was the NTFS file system of my hdd. Now the question is, would it be wise to make an ext4 partition on my hdd of like 100gb so I can save my linux stuff there? (I have a dual boot pc mint and win10)
I did not know it was possible to setup LXD to use the dir storage pool on an NTFS partition.
Ideally, you would dedicate about 20GB of space for LXD, or more (like the 100GB you mention). If you can have a separate partition with that space, it would be the best. Depending on your Linux kernel, if it has support for ZFS, use a ZFS storage pool, otherwise go for btrfs.
If you do not have a separate partition, LXD will create a loop file for you, let’s say a 20GB loop file and will use ZFS or btrfs in that file. Although it is not super optimal as having a separate dedicated partition, it is much better than using the dir type of storage pool.
You can create additional storage pools with lxc storage .... Them, lxc copy or _lxc move_your existing containers to the new storage pool. Eventually, make the new storage pool your default pool and maybe decommision the old pools.
When you use lxc storage create ... to create a new storage pool in a new partition, keep the partition unformatted so that LXD will format it for you in the way it wants.