1lxc-user-nic(1) lxc-user-nic(1)
2
3
4
6 lxc-user-nic - Manage nics in another network namespace
7
9 lxc-user-nic create {lxcpath} {name} {pid} {type} {bridge} {container
10 nicname}
11 lxc-user-nic delete {lxcpath} {name} {path to network namespace} {type}
12 {bridge} {container nicname}
13
15 lxc-user-nic is a setuid-root program with which unprivileged users may
16 manage network interfaces for use by a lxc container.
17
18 It will consult the configuration file /etc/lxc/lxc-usernet to deter‐
19 mine the number of interfaces which the calling user is allowed to cre‐
20 ate, and which bridge they may attach them to. It tracks the number of
21 interfaces each user has created using the file /run/lxc/nics. It en‐
22 sures that the calling user is privileged over the network namespace to
23 which the interface will be attached. lxc-user-nic also allows one to
24 delete network devices. Currently only ovs ports can be deleted.
25
27 lxcpath
28 The path of the container. This is currently not used.
29
30 name The name of the container. This is currently not used.
31
32 pid The process id for the task to whose network namespace the in‐
33 terface should be attached.
34
35 type The network interface type to attach. Currently only veth is
36 supported. With this type, two interfaces representing each tun‐
37 nel endpoint are created. One endpoint will be attached to the
38 specified bridge, while the other will be passed into the con‐
39 tainer.
40
41 bridge The bridge to which to attach the network interface, for in‐
42 stance lxcbr0.
43
44 container nicname
45 The desired interface name in the container. This will be eth0
46 if unspecified.
47
48 path to network namespace
49 A path to open to get a file descriptor for the target network
50 namespace. This is only relevant when an veth device is delet‐
51 ed.
52
54 lxc(1), lxc-start(1), lxc-usernet(5)
55
57 Christian Brauner <christian@brauner.io>
58
59 Serge Hallyn <serge@hallyn.com>
60
61 Daniel Lezcano <daniel.lezcano@free.fr>
62
63
64
65 2021-09-18 lxc-user-nic(1)