New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lxc-attach uses the .bash_history file from the user #4408
Comments
The lxc-attach tool has a '--clear-env' option which will clear environment variables like HIST_FILE . |
@hallyn I don't want to clear environment variables but want to use the .bash_history file from the root user with lxc-attach. Is there a way to do that? This should be the default since we are logged in as root with lxc-attach. |
@baptx you can set an individual environment variable using -v:
I agree that is un-savory. But just unsetting HISTFILE in my environment before calling lxc-attach (or calling lxc-attach from dash) does not suffice, so it appears that bash in the container is buliding its HISTFILE variable from probably $HOME. And I can't unset that without breaking lxc's finding of its lockfiles etc. So, you could set HISTFILE in /root/.bashrc in the container. Really I think that lxc, by default, should reset some basic environment variables, including USER, LOGNAME, and HOME. It could set a LXC_USER to the original username as I'm sure some container workloads would like to know it. @stgraber @brauner @tych0 do you know of lxc users for whom such a change in default would cause trouble? |
I'm sure it will break someone's script somewhere but in general it shouldn't be a big deal as complex consumers like Incus/LXD don't use any of the env inheritance stuff anyways. |
@hallyn Setting HISTFILE in /root/.bashrc is not working because when I use lxc-attach-unpriv, it uses the .bashrc file from the user. With the command Update: In fact the |
Required information
lxc-start --version
5.0.2
lxc-checkconfig
uname -a
Linux debian 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64 GNU/Linux
cat /proc/self/cgroup
0::/user.slice/user-1000.slice/session-3.scope
cat /proc/1/mounts
Issue description with steps to reproduce
Create an unprivileged container, for example named kali with this guide:
https://www.kali.org/docs/containers/kalilinux-lxc-images/#unprivileged-kali-lxc-container-on-kali-host
lxc-unpriv-start kali
orsystemd-run --unit=my-unit --user --scope -p "Delegate=yes" -- lxc-start kali
(command based on https://linuxcontainers.org/lxc/getting-started/).lxc-unpriv-attach kali
orsystemd-run --user --scope -p "Delegate=yes" -- lxc-attach kali
(command based on lxc-attach fails on new systemd (with systemd-run) #3668 (comment)).adduser bapt
so we can log in as a normal user with SSH later.There are several issues:
.bash_history
file by default because it is owned by root so we have to executechown bapt:bapt .bash_history
.lxc-attach
, we are logged in as root in the user folder instead of/root/
.lxc-attach
, the root commands appear in the.bash_history
file from the user instead of/root/.bash_history
(this does not appear when logging in as root withsu
command).Can these issues be fixed and how can I make
lxc-attach
use the.bash_history
file from the root user?The text was updated successfully, but these errors were encountered: