Antonio Carlos Padoan Junior schreef op wo 30-03-2022 om 15:13 [+0200]: > Thanks Maxime, > > > Maxime Devos writes: > > > Antonio Carlos Padoan Junior schreef op wo 30-03-2022 om 08:51 [+0200]: > > > Hello, > > > > > > I'm trying to figure out how to set a unprivileged container using lxc > > > in guix. I do not know either how to allocate subuid/gid space in guix, > > > > subuid/gid are _not_ unprivileged. They are an userspace feature by > > the (privileged) setuid binary 'newuidmap', see > > . > > > > I don't think there's currently a mechanism for that in Guix System, > > except manually creating and modifying /etc/subuid appropriately and > > installing the setuid binaries. However, I suppose that the 'user- > > account' record could be extended to support subuid/subgid and > > automatically create /etc/subuid. > > I created them manually as you suggested. But now I'm in trouble with > the creation of virtual network interfaces for the container. It is not > possible to follow the standard lxc documentation and apply it for guix directly. > The same problem if I use lxd. > > I'm looking the "Singularity service" as an alternative for lxc but it seem it does > not install the daemon (as per guix documentation). I have no idea > how to properly proceed and set a viable singularity deamon in my machine. > > I will try docker service instead, but this is not exactly what I'm > looking for (but I hope at least it will work). > > I have the feeling people create guix packages and services for > personal use but without minimal documentation on how to use properly on > guix. Please consider that as a critic from someone that has goodwill > but who is a little bit frustrated today. I'm not familiar with lxc, lxd, Docker or Singularity so I'm afraid I cannot help here. Greetings, Maxime.