diff --git a/0052-add-lxc-attach-add-gids-option.patch b/0052-add-lxc-attach-add-gids-option.patch
new file mode 100644
index 0000000000000000000000000000000000000000..3284467d3ce234366e3980a9a63527774cda6f35
--- /dev/null
+++ b/0052-add-lxc-attach-add-gids-option.patch
@@ -0,0 +1,178 @@
+From 127b54261e22f91ff5c66f17c425b4064b5bf7a6 Mon Sep 17 00:00:00 2001
+From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+Date: Fri, 2 Dec 2022 15:30:34 +0800
+Subject: [PATCH] add lxc-attach add-gids option
+
+Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
+---
+ src/lxc/attach.c           | 13 ++++++--
+ src/lxc/attach_options.h   |  2 ++
+ src/lxc/tools/arguments.h  |  3 ++
+ src/lxc/tools/lxc_attach.c | 65 ++++++++++++++++++++++++++++++++++++++
+ 4 files changed, 80 insertions(+), 3 deletions(-)
+
+diff --git a/src/lxc/attach.c b/src/lxc/attach.c
+index 5225e99..568dfe1 100644
+--- a/src/lxc/attach.c
++++ b/src/lxc/attach.c
+@@ -1025,9 +1025,16 @@ static int attach_child_main(struct attach_clone_payload *payload)
+ 		goto on_error;
+ 	}
+ 
+-	if (!lxc_setgroups(init_ctx->container->lxc_conf->init_groups_len,
+-			init_ctx->container->lxc_conf->init_groups))
+-		goto on_error;
++	if (options->add_gids != NULL && options->add_gids_len != 0) {
++		if (!lxc_setgroups(options->add_gids_len, options->add_gids)) {
++			goto on_error;
++		}
++	} else {
++		if (!lxc_setgroups(init_ctx->container->lxc_conf->init_groups_len,
++				init_ctx->container->lxc_conf->init_groups)) {
++			goto on_error;
++		}
++	}
+ #endif
+ 
+ 	/* Make sure that the processes STDIO is correctly owned by the user that we are switching to */
+diff --git a/src/lxc/attach_options.h b/src/lxc/attach_options.h
+index 5767560..f791753 100644
+--- a/src/lxc/attach_options.h
++++ b/src/lxc/attach_options.h
+@@ -123,6 +123,8 @@ typedef struct lxc_attach_options_t {
+ 	const char *suffix;
+ 	bool disable_pty;
+ 	bool open_stdin;
++	gid_t *add_gids; /* attach user additional gids */
++	size_t add_gids_len;
+ } lxc_attach_options_t;
+ 
+ /*! Default attach options to use */
+diff --git a/src/lxc/tools/arguments.h b/src/lxc/tools/arguments.h
+index 80c2083..583390a 100644
+--- a/src/lxc/tools/arguments.h
++++ b/src/lxc/tools/arguments.h
+@@ -50,6 +50,8 @@ struct lxc_arguments {
+ 	int open_stdin;
+ 	unsigned int start_timeout; /* isulad: Seconds for waiting on a container to start before it is killed*/
+ 	int64_t attach_timeout; /* for lxc-attach */
++	gid_t *add_gids;
++	size_t add_gids_len;
+ #endif
+ 
+ 	/* for lxc-console */
+@@ -175,6 +177,7 @@ struct lxc_arguments {
+ #define OPT_OPEN_STDIN OPT_USAGE - 14
+ #define OPT_ATTACH_TIMEOUT OPT_USAGE - 15
+ #define OPT_ATTACH_SUFFIX OPT_USAGE - 16
++#define OPT_ADDITIONAL_GIDS OPT_USAGE - 17
+ #endif
+ 
+ extern int lxc_arguments_parse(struct lxc_arguments *args, int argc,
+diff --git a/src/lxc/tools/lxc_attach.c b/src/lxc/tools/lxc_attach.c
+index 9931b39..0de2067 100644
+--- a/src/lxc/tools/lxc_attach.c
++++ b/src/lxc/tools/lxc_attach.c
+@@ -78,6 +78,7 @@ static const struct option my_longopts[] = {
+ #else
+ 	{"workdir", required_argument, 0, 'w'},
+ 	{"user", required_argument, 0, 'u'},
++	{"add-gids", required_argument, 0, OPT_ADDITIONAL_GIDS},
+ 	{"in-fifo", required_argument, 0, OPT_INPUT_FIFO}, /* isulad add terminal fifos*/
+ 	{"out-fifo", required_argument, 0, OPT_OUTPUT_FIFO},
+ 	{"err-fifo", required_argument, 0, OPT_STDERR_FIFO},
+@@ -146,6 +147,7 @@ Options :\n\
+ "\
+   -w, --workdir     Working directory inside the container.\n\
+   -u, --user        User ID (format: UID[:GID])\n\
++      --add-gids    Additional gids (format: GID[,GID])\n\
+       --in-fifo     Stdin fifo path\n\
+       --out-fifo    Stdout fifo path\n\
+       --err-fifo    Stderr fifo path\n\
+@@ -228,6 +230,58 @@ static int get_attach_uid_gid(const char *username, uid_t *user_id, gid_t *group
+ 	free(tmp);
+ 	return 0;
+ }
++
++static int get_attach_add_gids(const char *add_gids, gid_t **gids, size_t *gids_len)
++{
++	long long int readvalue;
++	size_t i, len;
++	const size_t max_gids = 100;
++	gid_t *g = NULL;
++	__do_free_string_list char **gids_str = NULL;
++
++	if (add_gids == NULL || strlen(add_gids) == 0) {
++		ERROR("None additional gids");
++		return -1;
++	}
++
++	gids_str = lxc_string_split(add_gids, ',');
++	if (gids_str == NULL) {
++		ERROR("Failed to split additional gids");
++		return -1;
++	}
++
++	len = lxc_array_len((void **)gids_str);
++	if (len > max_gids) {
++		ERROR("Too many gids");
++		return -1;
++	}
++
++	g = calloc(len, sizeof(gid_t));
++	if (g == NULL) {
++		ERROR("Out of memory");
++		return -1;
++	}
++
++	for (i = 0; i < len; i++) {
++		if (lxc_safe_long_long(gids_str[i], &readvalue) != 0) {
++			SYSERROR("Invalid gid value %s", gids_str[i]);
++			goto err_out;
++		}
++		if (readvalue < 0) {
++			ERROR("Invalid gid value: %lld", readvalue);
++			goto err_out;
++		}
++		g[i] = (unsigned int)readvalue;
++	}
++
++	*gids = g;
++	*gids_len = len;
++	return 0;
++
++err_out:
++	free(g);
++	return -1;
++}
+ #endif
+ 
+ static int my_parser(struct lxc_arguments *args, int c, char *arg)
+@@ -331,6 +385,12 @@ static int my_parser(struct lxc_arguments *args, int c, char *arg)
+ 	case OPT_OPEN_STDIN:
+ 		args->open_stdin = 1;
+ 		break;
++	case OPT_ADDITIONAL_GIDS:
++		if (get_attach_add_gids(arg, &args->add_gids, &args->add_gids_len) != 0) {
++			ERROR("Failed to get attach additional gids");
++			return -1;
++		}
++		break;
+ #endif
+ 	}
+ 	return 0;
+@@ -654,6 +714,11 @@ int main(int argc, char *argv[])
+ 	if (my_args.workdir) {
+ 		attach_options.initial_cwd = my_args.workdir;
+ 	}
++
++	if (my_args.add_gids) {
++		attach_options.add_gids = my_args.add_gids;
++		attach_options.add_gids_len = my_args.add_gids_len;
++	}
+ #endif
+ 
+ 	/* isulad: add do attach background */
+-- 
+2.25.1
+
diff --git a/lxc.spec b/lxc.spec
index 9b0032f277d9a18ffc44dea706f63d3ddf3ca84d..9e609c0421f8327eb1039864aab8b0e54a61678f 100644
--- a/lxc.spec
+++ b/lxc.spec
@@ -1,4 +1,4 @@
-%global _release 2022102403
+%global _release 2022102404
 
 Name:           lxc
 Version:        4.0.3
@@ -59,6 +59,7 @@ Patch0048:	0048-fix-do-mask-paths-after-parent-mounted.patch
 Patch0049:	0049-skip-kill-cgroup-processes-if-no-hierarchies.patch
 Patch0050:	0050-lxc-Add-sw64-architecture.patch
 Patch0051:	0051-add-macro-to-adapt-musl-libc.patch
+Patch0052:	0052-add-lxc-attach-add-gids-option.patch
 
 BuildRequires:  systemd-units git libtool graphviz docbook2X doxygen chrpath
 BuildRequires:  pkgconfig(libseccomp)
@@ -239,6 +240,12 @@ make check
 %endif
 
 %changelog
+* Fri Dec 02 2022 zhangxiaoyu<zhangxiaoyu58@huawei.com> - 4.0.3-2022102404
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: add lxc-attach add-gids option
+
 * Thu Nov 24 2022 zhangxiaoyu<zhangxiaoyu58@huawei.com> - 4.0.3-2022102403
 - Type:bugfix
 - ID:NA
diff --git a/series.conf b/series.conf
index e7e273e5447a8ec572a1ab1cd71abc6315123a65..caff28e78fc303948df2e2d2d3b269cb8ff4de72 100644
--- a/series.conf
+++ b/series.conf
@@ -49,3 +49,4 @@
 0049-skip-kill-cgroup-processes-if-no-hierarchies.patch
 0050-lxc-Add-sw64-architecture.patch
 0051-add-macro-to-adapt-musl-libc.patch
+0052-add-lxc-attach-add-gids-option.patch