Hi folks,
I'd like to run OpenWRT in an LXD container, and I wonder if it can be kept up to date by just upgrading packages with opkg (or soon apk). As the kernel is updated through the underlying Linux host, is there any reason to do the usual <backup config/upgrade/restore config> process ?
Thanks
Just opkg/apk. Great choice btw.
Running OpenWrt in a container is not a supported process, it does not work and tears open serious security issues.
You can run OpenWrt on the bare iron or under virtualization (kvm, virtualbox, hyper-v, parallels, vmware, …) though.
OpenWrt in unprivileged lxc container just works. Can you explain more on the security?
Except that it doesn't, the details have been laid out multiple times, as evidenced by the forum search.
Yes, you do get a glimpse of the webinterface, but the actual functionality is broken and insecure.
Please, can you give some specific links to this evidence ?
I have the feeling that running the only external access to my home network in an unprivileged container has some more security barriers than running it on the host itself...
And my searches around this on the forum were unsuccessful...
Is there a way to upgrade everything at once with opkg ?