@stgraber : How is it handled from the security / access right point of view? Does the unprivileged container really have the uid/gid of ‘outside’ from the host point of view, 1000 in the example above? Said otherwise (if I’m not clear 
), if user 1000 on the host has R/W access to the shared folder, does the container’s user 1000 has R/W access on the bind-mounted folder?
Thank you for the explanation!
[Edit] I think I found the answer to my question, by reading the example there: LXD 3.16 has been released . So if I’m not wrong, yet the container and host now share the use the same IDs for that folder, so if a user in container has that ID, it has the right assignated to that host’s folder. If I’m wrong, please correct me.
my thought: Waow, LXD is powerful and so versatile 