lmlsna · December 14, 2017 10:04
diff --git a/setup-unpriv-lxc-gui.sh b/setup-unpriv-lxc-gui.sh
 #!/bin/bash
 # Sets up the directory tree and necessary files for unpriv LXC GUI containers.
 # Expects the default LXC setup (lxcbr0) to be functioning
 # Need to install desktop environment inside each container.

 UNAME="ubuntu"
 UHOME="/home/$UNAME"

 mkdir -p "$UHOME/.config/lxc"               # /etc/lxc
 touch    "$UHOME/.config/lxc/lxc.conf"      # /etc/lxc/lxc.conf
 touch    "$UHOME/.config/lxc/default.conf"  # /etc/lxc/default.conf
 mkdir -p "$UHOME/.local/share/lxc"          # /var/lib/lxc
 mkdir -p "$UHOME/.local/share/lxcsnaps"     # /var/lib/lxcsnaps
 mkdir -p "$UHOME/.cache/lxc"                # /var/cache/lxc

 chown $UNAME:$UNAME -Rvf $UHOME/.{config,local,cache}

 cat > $UHOME/.config/lxc/default.conf << __DEFAULT__
 lxc.net.0.type = veth
 lxc.net.0.link = lxcbr0
 lxc.net.0.flags = up
 lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
 lxc.net.0.name = eth0

 ## For regular unpriv containers:
 #lxc.id_map = u 0 100000 65536
 #lxc.id_map = g 0 100000 65536

 ## For GUI upriv containers
 lxc.idmap = u 0 100000 1000
 lxc.idmap = g 0 100000 1000
 lxc.idmap = u 1000 1000 1
 lxc.idmap = g 1000 1000 1
 lxc.idmap = u 1001 101001 64535
 lxc.idmap = g 1001 101001 64535

 lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir
 lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir
 lxc.mount.entry = /tmp/.X11-unix tmp/.X11-unix none bind,optional,create=dir
 lxc.mount.entry = /dev/video0 dev/video0 none bind,optional,create=file
 __DEFAULT__

 echo "$UNAME veth lxcbr0 10" >> "/etc/lxc/lxc-usernet"
 usermod --add-subuids 100000-165536 $USER
 usermod --add-subgids 100000-165536 $USER
 chmod +x $UHOME
	#!/bin/bash
	# Sets up the directory tree and necessary files for unpriv LXC GUI containers.
	# Expects the default LXC setup (lxcbr0) to be functioning
	# Need to install desktop environment inside each container.

	UNAME="ubuntu"
	UHOME="/home/$UNAME"

	mkdir -p "$UHOME/.config/lxc" # /etc/lxc
	touch "$UHOME/.config/lxc/lxc.conf" # /etc/lxc/lxc.conf
	touch "$UHOME/.config/lxc/default.conf" # /etc/lxc/default.conf
	mkdir -p "$UHOME/.local/share/lxc" # /var/lib/lxc
	mkdir -p "$UHOME/.local/share/lxcsnaps" # /var/lib/lxcsnaps
	mkdir -p "$UHOME/.cache/lxc" # /var/cache/lxc

	chown $UNAME:$UNAME -Rvf $UHOME/.{config,local,cache}

	cat > $UHOME/.config/lxc/default.conf << __DEFAULT__
	lxc.net.0.type = veth
	lxc.net.0.link = lxcbr0
	lxc.net.0.flags = up
	lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
	lxc.net.0.name = eth0

	## For regular unpriv containers:
	#lxc.id_map = u 0 100000 65536
	#lxc.id_map = g 0 100000 65536

	## For GUI upriv containers
	lxc.idmap = u 0 100000 1000
	lxc.idmap = g 0 100000 1000
	lxc.idmap = u 1000 1000 1
	lxc.idmap = g 1000 1000 1
	lxc.idmap = u 1001 101001 64535
	lxc.idmap = g 1001 101001 64535

	lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir
	lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir
	lxc.mount.entry = /tmp/.X11-unix tmp/.X11-unix none bind,optional,create=dir
	lxc.mount.entry = /dev/video0 dev/video0 none bind,optional,create=file
	__DEFAULT__

	echo "$UNAME veth lxcbr0 10" >> "/etc/lxc/lxc-usernet"
	usermod --add-subuids 100000-165536 $USER
	usermod --add-subgids 100000-165536 $USER
	chmod +x $UHOME