Running lxd command on non-root

blt2b · July 29, 2023, 8:03pm

I am on Alpine Linux and added my user in lxd group but is is not enough as I got : Error: Get “http://unix.socket/1.0”: dial unix /var/lib/lxd/unix.socket: connect: permission denied

Changing the group with chown root:lxd /var/lib/lxd/unix.socket make the trick but I would like to know if there is any security implication doing that way ? Or is there a reason why the socket is not already root:lxd ?

Many thanks

Aleks · July 31, 2023, 7:09am

in snap, the socket is root:lxd, so I would guess this is an error/omission by whoever packaged it for Alpine

# ls -al /var/snap/lxd/common/lxd/unix.socket 
srw-rw---- 1 root lxd 0 Jul 12 10:49 /var/snap/lxd/common/lxd/unix.socket

blt2b · July 31, 2023, 1:12pm

Thanks to confirm ! I am reporting the error as we speak

blt2b · August 15, 2023, 3:24pm

Fixed

https://git.alpinelinux.org/aports/commit/?h=v3.18.3&id=1ee127a7164992826882e1dc783272485dc0e6a5