diff --git a/in/public/containers/lxc/index.rst b/in/public/containers/lxc/index.rst
index 289e999..6f1f141 100644
--- a/in/public/containers/lxc/index.rst
+++ b/in/public/containers/lxc/index.rst
@@ -6,6 +6,7 @@ LXC host container + unprivileged *** ESX
diff --git a/in/public/containers/lxc/unprivileged.rst b/in/public/containers/lxc/unprivileged.rst
new file mode 100644
index 0000000..0709c14
--- /dev/null
+++ b/in/public/containers/lxc/unprivileged.rst
@@ -0,0 +1,55 @@
+Unprivileged
+============
+
+.. warning:: Work In Progress
+
+Mandatory
+---------
+
+Configuration
+^^^^^^^^^^^^^
+
+* config
+
+::
+
+ lxc.idmap = u 0 100000 65536
+ lxc.idmap = g 0 100000 65536
+
+Permissions
+^^^^^^^^^^^
+
+.. todo:: shift root's uid for rootfs
+
+Not sure
+--------
+
+Packages
+^^^^^^^^
+
+::
+
+ uidmap
+
+Configuration
+^^^^^^^^^^^^^
+
+* /etc/sysctl.conf
+
+::
+
+ kernel.unprivileged_userns_clone=1
+
+* /etc/subgid
+* /etc/subuid
+
+::
+
+ root:100000:65536
+
+* config
+
+::
+
+ lxc.include = /usr/share/lxc/config/userns.conf
+ lxc.apparmor.profile = unconfined