What does the PUBLIC in `$ lxc image list` mean

$ lxc image list
+---------------------------------+--------------+--------+-----------------------------------------------------+--------------+-----------+----------+------------------------------+
|              ALIAS              | FINGERPRINT  | PUBLIC |                     DESCRIPTION                     | ARCHITECTURE |   TYPE    |   SIZE   |         UPLOAD DATE          |
+---------------------------------+--------------+--------+-----------------------------------------------------+--------------+-----------+----------+------------------------------+
|                                 | 93b9eeb85479 | no     | ubuntu 18.04 LTS amd64 (release) (20200506)         | x86_64       | CONTAINER | 179.10MB | May 13, 2020 at 8:53am (UTC) |
+---------------------------------+--------------+--------+-----------------------------------------------------+--------------+-----------+----------+------------------------------+
|                                 | 235aa7210a08 | no     | ubuntu 18.04 LTS amd64 (minimal release) (20200506) | x86_64       | CONTAINER | 94.25MB  | May 13, 2020 at 8:52am (UTC) |
+---------------------------------+--------------+--------+-----------------------------------------------------+--------------+-----------+----------+------------------------------+

i was expecting that this could easily be found in the official doc, but it does not look to be so easy. So go to the Api doc

“public”: true, // Whether the image can be downloaded by untrusted users (defaults

By the way - still tirelessly ploughing the sea - you can display screen copy in a much nicer way in this forum software by preceding the text with 3 backticks like that ``` at the beginning of a line

±--------------------------------±-------------±-------±----------------------------------------------------±-------------±----------±---------±-----------------------------+
| ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCHITECTURE | TYPE | SIZE | UPLOAD DATE |
±--------------------------------±-------------±-------±----------------------------------------------------±-------------±----------±---------±-----------------------------+
| | 93b9eeb85479 | no | ubuntu 18.04 LTS amd64 (release) (20200506) | x86_64 | CONTAINER | 179.10MB | May 13, 2020 at 8:53am (UTC) |
±--------------------------------±-------------±-------±----------------------------------------------------±-------------±----------±---------±-----------------------------+
| | 235aa7210a08 | no | ubuntu 18.04 LTS amd64 (minimal release) (20200506) | x86_64 | CONTAINER | 94.25MB | May 13, 2020 at 8:52am (UTC) |
±--------------------------------±-------------±-------±----------------------------------------------------±-------------±----------±---------±-----------------------------+
1 Like

Has the image been published in somewhere public on Internet that I can download it by another machine?
Or it just stays in my local machine that another machine in the same local network can download from my local machine?

no, the images are only on the local machine.
if you define core.https_address your computer will become a LXD server. However if you don’t define some trust (password…) it will only be accessible with the –public flag of the lxc remote add command. In this configuration, only the images having the public flag can be seen remotely.

2 Likes

I see. Thx a lot.

Hi there, and sorry for unearthing this thread (let me know if this is not good practice on this forum, I have not found a better relevant post searching for ‘public image’).

I am also interested in the meaning of the public flag. From what I have seen in the docs + lxd source code, one has either to set an admin password or manually add each client cert via lxc trust when running an LXD daemon as a server (i.e. with core.https_address set).

It is thus unclear to me what the public flag means in this context. From what I understand/have read here, only images with the public flag set can be seen by an “untrusted” user but this applies only if running sth else than an LXD server (e.g simplestreams server). This is because users are always trusted when connecting to an LXD server (either via password or manual cert addition).

Is my understanding correct?

Thanks for the feedback!