Why ist root user inside the ubuntu container template enabled?

LXC
1

ubuntu by default has a disabled root user (out of security considerations) while in the template for ubuntu LXC container templates root is enabled

just curious …

  1. why is root enabled in the LCX template for ubuntu?
  2. would it be the first thing to do in an ubuntu container to create a new sudo user and disable the root user?
2

None of the users created by the LXC templates come with passwords, so as far as traditional login, all users are disabled.

lxc-attach does not go through the PAM stack, it just spawns a process as root in the container, whether the root user is enabled, disabled, defined, whatever… doesn’t matter at all.