[pkg-lxc-devel] Bug#992255: openvpn fails in a container (missing cgroup2 support)
Jean-Michel Vourgère
nirgal at debian.org
Mon Aug 16 13:48:33 BST 2021
Package: lxc-templates
Version: 3.0.4-5
Severity: normal
Affects: openvpn
Dear Maintainer,
After upgrading to bullseye, my container with openvpn failed to start.
The syslog error message is:
ERROR: Cannot open TUN/TAP dev /dev/net/tun: Operation not permitted (errno=1)
and indeed "cat /dev/net/tun" fails with that same error.
I traced the problem to cgroup2 migration.
Adding
lxc.cgroup2.devices.allow = c 10:200 rwm
in my container config file fixed the issue.
I believe cgroup2 support should be added generally in
/usr/share/lxc/config/debian.common.conf
with keys for both cgroup1 and cgroup2 in a way that is similar to
/usr/share/lxc/config/common.conf
Please add cgroup2 support.
Thank you
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-lxc-devel/attachments/20210816/a42e2e8a/attachment.sig>
More information about the Pkg-lxc-devel
mailing list