What is the right way to log into a container as "normal" user?

I’m using the standard procedure to log into a container as unprivileged user:

mcon@Lenovo:/tmp$ lxc exec yocto-builder -- su -l ubuntu
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

but apparently there’s something wrong:

ubuntu@yocto-builder:~$ echo "fghjkl" >/dev/stderr
-su: /dev/stderr: Permission denied

What am I missing?

Looks like su/sudo don’t update /dev/pts/ permissions…

You can use lxc exec yocto-builder --user 1000 --group 1000 --cwd /home/ubuntu --env HOME=/home/ubuntu -- bash to have LXD do the user switching for you which will result in the correct permissions…

1 Like

I created a LXD ssh gateway to containers if your interested… It works by the host redirecting incoming requests based on their ssh private key to a unique container.

LXD SSH Gateway