1lxc-user-nic(1)                                                lxc-user-nic(1)
2
3
4

NAME

6       lxc-user-nic - Manage nics in another network namespace
7

SYNOPSIS

9       lxc-user-nic create {lxcpath} {name} {pid} {type} {bridge} {container
10                    nicname}
11       lxc-user-nic delete {lxcpath} {name} {path to network namespace} {type}
12                    {bridge} {container nicname}
13

DESCRIPTION

15       lxc-user-nic is a setuid-root program with which unprivileged users may
16       manage network interfaces for use by a lxc container.
17
18       It will consult the configuration file /etc/lxc/lxc-usernet  to  deter‐
19       mine the number of interfaces which the calling user is allowed to cre‐
20       ate, and which bridge he may attach them to. It tracks  the  number  of
21       interfaces  each  user has created using the file /run/lxc/nics. It en‐
22       sures that the calling user is privileged over the network namespace to
23       which  the  interface  will  be  attached.  lxc-user-nic also allows to
24       delete network devices.  Currently only ovs ports can be deleted.
25

OPTIONS

27       lxcpath
28              The path of the container. This is currently not used.
29
30       name   The name of the container. This is currently not used.
31
32       pid    The process id for the task to whose network namespace  the  in‐
33              terface should be attached.
34
35       type   The  network  interface  type  to attach. Currently only veth is
36              supported. With this type, two interfaces representing each tun‐
37              nel  endpoint  are created. One endpoint will be attached to the
38              specified bridge, while the other will be passed into  the  con‐
39              tainer.
40
41       bridge The  bridge  to  which  to attach the network interface, for in‐
42              stance lxcbr0.
43
44       container nicname
45              The desired interface name in the container. This will  be  eth0
46              if unspecified.
47
48       path to network namespace
49              A  path  to open to get a file descriptor for the target network
50              namespace.  This is only relevant when an veth device is  delet‐
51              ed.
52

SEE ALSO

54       lxc(1), lxc-start(1), lxc-usernet(5)
55

AUTHOR

57       Christian Brauner <christian@brauner.io>
58
59       Serge Hallyn <serge@hallyn.com>
60
61       Daniel Lezcano <daniel.lezcano@free.fr>
62
63
64
65                                  2020-01-29                   lxc-user-nic(1)
Impressum