LAB 3.2 LXC - setfacl

Battogtokh

Hello,

I am working on Lab 3.2 and on the page 3 of the lab document, we need to set the access control list on ~/.local directory.

Do we need to create this directory, please? I cannot find if we created ~/.local directory. Can you please advise?

chrispokorni

Hi @Battogtokh,

How did you provision the lab environment, what hypervisor or cloud are you using (if at all) and what guest OS? Also, is all ingress traffic allowed to your VM per the instructions in the first chapter?

As a last resort, we can disable the validation to help you move past this step:
lxc-create --name unpriv-cont-user --template download -- --no-validate

Regards,
-Chris

Battogtokh

Ok. It looks like the .local directory is created itself after running the lxc-create command. I can set an ACL now.

But I am stuck at running this command now. Can you please advise?
I don't understand why the optional argument --keyserver is not recognizable.

[email protected]:~$ lxc-create --name unpriv-cont-user --template download --keyserver keyserver.ubuntu.com
lxc-create: unrecognized option '--keyserver'

chrispokorni

Hi @Battogtokh,

The following syntax may help:

lxc-create --name unpriv-cont-user --template download -- --keyserver keyserver.ubuntu.com

Regards,
-Chris

Battogtokh

Hi @chrispokorni, thank you very much for your reply.
Mine is showing this response.

[email protected]:~$ lxc-create --name unpriv-cont-user --template download -- --keyserver keyserver.ubuntu.com
Setting up the GPG keyring
ERROR: Unable to fetch GPG key from keyserver
lxc-create: unpriv-cont-user: lxccontainer.c: create_run_template: 1616 Failed to create container from template
lxc-create: unpriv-cont-user: tools/lxc_create.c: main: 319 Failed to create container unpriv-cont-user

Battogtokh

Thank you very much. --no-validate works. I am running the Ubuntu Server edition v20.04 VM on VMware ESXi host. The server has access to internet and every other lab works, except the lxc one. The --no-validate made it working. Thanks again.