[pkg-lxc-devel] Bug#981980: 4.0.6 regression: /proc/sys/net is read-only

Harald Dunkel harald.dunkel at aixigo.com
Fri Feb 5 14:07:47 GMT 2021


Package: lxc
Version: 1:4.0.6-1

563ec46266b8967f0ee60e0032bbe66b3b37207c introduced a bug into
lxc 4.0.6: /proc/sys/net is mounted read-only, even though the
container is privileged and did not drop CAP_NET_ADMIN. Result:

	# echo 0 >/proc/sys/net/ipv4/ip_forward
	bash: /proc/sys/net/ipv4/ip_forward: Read-only file system

See

	https://github.com/lxc/lxc/issues/3627
	https://github.com/brauner/lxc/commit/3cf860f7ed3eb989fd0a3f31c761966e0fb07937

for further details and a fix (attached).


Regards
Harri

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0007-fix-containers-retaining-CAP_NET_ADMIN.patch
Type: text/x-patch
Size: 8519 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-lxc-devel/attachments/20210205/b10e46fe/attachment.bin>
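
A check for the state described in this report, as an added example that is not part of the original message or of lxc: it reports whether a process holds CAP_NET_ADMIN and whether the mount covering /proc/sys/net carries the per-mount ro flag. The function names and the sample status and mountinfo text are constructed assumptions, not data from the report.

```shell
#!/bin/sh
# Constructed sample inputs (not captured from a real container).
SAMPLE_STATUS='CapEff: 000000ffffffffff'
SAMPLE_BROKEN='90 80 8:1 / / rw,relatime - ext4 /dev/sda1 rw
100 90 0:50 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
101 100 0:50 /sys /proc/sys ro,nosuid,nodev,noexec,relatime - proc proc rw'
SAMPLE_FIXED="$SAMPLE_BROKEN
102 101 0:50 /sys/net /proc/sys/net rw,nosuid,nodev,noexec,relatime - proc proc rw"

# Succeeds if the CapEff mask in a /proc/<pid>/status text has bit 12
# (CAP_NET_ADMIN) set.
has_cap_net_admin() {
    capeff=$(printf '%s\n' "$1" | awk '$1 == "CapEff:" { print $2 }')
    [ -n "$capeff" ] || return 1
    [ $(( (0x$capeff >> 12) & 1 )) -eq 1 ]
}

# Prints the per-mount options (mountinfo field 6) of the mount that covers
# path $2: longest matching mount point, later lines win on ties (overmounts).
mount_opts_for() {
    printf '%s\n' "$1" | awk -v path="$2" '
        {
            mp = $5
            covers = (mp == path || mp == "/" || index(path, mp "/") == 1)
            if (covers && length(mp) >= length(best)) { best = mp; opts = $6 }
        }
        END { print opts }'
}

# $1 = status text, $2 = mountinfo text.
# Prints no-cap-net-admin, read-only (the state from the report) or writable.
check_proc_sys_net() {
    if ! has_cap_net_admin "$1"; then
        echo "no-cap-net-admin"
        return 0
    fi
    case ",$(mount_opts_for "$2" /proc/sys/net)," in
        *,ro,*) echo "read-only" ;;
        *)      echo "writable" ;;
    esac
}

# Inside a container, feed it the live files instead of the samples:
#   check_proc_sys_net "$(cat /proc/self/status)" "$(cat /proc/self/mountinfo)"
check_proc_sys_net "$SAMPLE_STATUS" "$SAMPLE_BROKEN"   # read-only
check_proc_sys_net "$SAMPLE_STATUS" "$SAMPLE_FIXED"    # writable
```

Only the per-mount flag is inspected; a read-only superblock would show up in the last mountinfo field instead.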

