Ubuntu 16.04 LXD : install wireshark within CentOS based containers

I could install wireshark within Ubuntu-based LXD container by default configuration, but could not install wireshark on CentOS-based containers until I set “security.privileged” to true.

Here is what I did.

start a Cent7 container

$ lxc launch 8c7eed37f93c cent7-01

install wireshark

failed to install wireshark.

$ lxc exec cent7-01 bash [root@cent7-01 ~]# yum install wireshark –y Dependency Installed:  c-ares.x86_64 0:1.10.0-3.el7 gnutls.x86_64 0:3.3.24-1.el7   libpcap.x86_64 14:1.5.3-8.el7 libsmi.x86_64 0:0.4.8-13.el7  nettle.x86_64 0:2.7.1-8.el7  trousers.x86_64 0:0.3.13-1.el7 wget.x86_64 0:1.14-13.el7 Failed:  wireshark.x86_64 0:1.10.14-10.el7 Complete! [root@cent7-01 ~]#

stop the conainer and set security.privileged to true.

$ lxc stop cent7-01 $ lxc config set cent7-01 security.privileged true $ lxc config show cent7-01 | grep security  security.privileged: "true"

start the container and install wireshark

$ lxc start cent7-01 $ lxc exec cent7-01 -- yum install wireshark -y Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: www.ftp.ne.jp * extras: www.ftp.ne.jp * updates: www.ftp.ne.jp Resolving Dependencies --> Running transaction check ---> Package wireshark.x86_64 0:1.10.14-10.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved =========================================================================================================================== Package                      Arch                      Version                              Repository               Size =========================================================================================================================== Installing: wireshark                    x86_64                    1.10.14-10.el7                       base                     13 M Transaction Summary =========================================================================================================================== Install  1 Package Total download size: 13 M Installed size: 67 M Downloading packages: wireshark-1.10.14-10.el7.x86_64.rpm                                                                 |  13 MB  00:00:01 Running transaction check Running transaction test Transaction test succeeded Running transaction  Installing : wireshark-1.10.14-10.el7.x86_64                                                                         1/1  Verifying  : wireshark-1.10.14-10.el7.x86_64                                                                         1/1 Installed:  wireshark.x86_64 0:1.10.14-10.el7 Complete!

You can also set “security.privileged true” to a profile as below.

$ lxc profile set default security.privileged true $ lxc profile show default name: default config:  security.privileged: "true" description: Default LXD profile devices:  eth0:    name: eth0    nictype: bridged    parent: lxdbr0    type: nic