+[](https://linuxcontainers.org/lxd)
# LXC
-* Jenkins: [](https://jenkins.linuxcontainers.org/job/lxc-github-commit/)
-* Travis: [](https://travis-ci.org/lxc/lxc/)
-
LXC is the well-known and heavily tested low-level Linux container runtime. It
is in active development since 2008 and has proven itself in critical
production environments world-wide. Some of its core contributors are the same
people that helped to implement various well-known containerization features
inside the Linux kernel.
+## Status
+Type | Service | Status
+--- | --- | ---
+CI (Linux) | Jenkins | [](https://jenkins.linuxcontainers.org/job/lxc-github-commit/)
+CI (Linux) | Travis | [](https://travis-ci.org/lxc/lxc/)
+Project status | CII Best Practices | [](https://bestpractices.coreinfrastructure.org/projects/1087)
+Code Quality | LGTM | [](https://lgtm.com/projects/g/lxc/lxc/context:cpp)
+
## System Containers
LXC's main focus is system containers. That is, containers which offer an
inside of the container will not be able to boot up correctly.
2. User Namespaces: As outlined above, user namespaces are a big security
- enhancement. However, users which are unprivileged on the host will only be
- able to establish a mapping for their own UID if they do not rely on
- privileged helpers. A standard POSIX system however, requires 65536 UIDs and
- GIDs to be available to guarantee full functionality.
+ enhancement. However, without relying on privileged helpers users who are
+ unprivileged on the host are only permitted to map their own UID into
+ a container. A standard POSIX system however, requires 65536 UIDs and GIDs
+ to be available to guarantee full functionality.
## Configuration
LXC is configured via a simple set of keys. For example,
-- `lxc.rootfs`
+- `lxc.rootfs.path`
- `lxc.mount.entry`
LXC namespaces configuration keys by using single dots. This means complex
-configuration keys such as `lxc.network` expose various subkeys such as
-`lxc.network.type`, `lxc.network.link`, `lxc.network.ipv6`, and others for even
-more fine-grained configuration.
+configuration keys such as `lxc.net.0` expose various subkeys such as
+`lxc.net.0.type`, `lxc.net.0.link`, `lxc.net.0.ipv6.address`, and others for
+even more fine-grained configuration.
LXC is used as the default runtime for [LXD](https://github.com/lxc/lxd),
a container hypervisor exposing a well-designed and stable REST-api on top of
efficiently. If you think you've found a potential security issue, please
report it by e-mail to all of the following persons:
-- serge.hallyn (at) ubuntu (dot) com
+- serge (at) hallyn (dot) com
- stgraber (at) ubuntu (dot) com
- christian.brauner (at) ubuntu (dot) com
If you want to become more active it is usually also a good idea to show up in
the LXC IRC channel `#lxc-dev` on `Freenode`. We try to do all development out
in the open and discussion of new features or bugs is done either in
-appropriate Github issues or on IRC.
+appropriate GitHub issues or on IRC.
When thinking about making security critical contributions or substantial
changes it is usually a good idea to ping the developers first and ask whether
projects / mirror_lxc.git / blobdiff