[pkg-lxc-devel] Bug#1116615: Bug#1116615: Unprivileged containers using veth have stopped working after upgrading from bookworm to trixie

Mathias Gibbens gibmat at debian.org
Fri Dec 26 17:29:49 GMT 2025 

On Wed, 2025-11-05 at 23:24 -0600, Linas Vepstas wrote:
> On Sun, Oct 26, 2025 at 1:08 PM Mathias Gibbens <gibmat at debian.org>
> wrote:
> > 
> >   I think there must be something specific to your setup and/or
> > container configuration, as I can successfully start an unprivilged
> > trixie container using the steps below, both on a clean bookworm VM
> > upgraded to trixie after the container is created/started, as well
> > as a clean trixie VM.
> 
> I have no doubt that this is true, but this misses the point. The LXC
> developers have found a bug in their own code, and they fixed that
> bug, and that fix allows me to run my containers. They have published
> their fix;  I tested their patch, it works for me.

  A link to the upstream pull request with the fix would be most
appreciated. Bug fixes for stable must be specific and targeted; since
I can't reproduce the issue on my end I can't git bisect down to the
commit that fixes your issue.

> I am not about to turn around and say something like "no, you LXC
> developers should revert your own patch because there's a mistake in
> my config" -- that's goofy. Maybe there's a mistake in my configs,
> maybe there isn't, but I'm not going to argue with the developers --
> they know better than I. FWIW, I did spend like 8 or twelve hours
> tracking this down over two days: this was a highly non-trivial
> issue.
> 
> So what I am trying to say is this: "Hey Debian, here's a real issue
> that really happens, and the LXC guys have already patched it, and
> the patch works, so please backport to Debian stable." If you don't
> want to backport ... well, what more can I say? I've already bashed
> my head on this far longer than I would have ever hoped. It was a
> bear.

  Without additional information to help other people reproduce your
issue, there's really nothing that can be done about this bug.

Mathias
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-lxc-devel/attachments/20251226/224e58b4/attachment.sig>

More information about the Pkg-lxc-devel mailing list