Bug#1042880: systemd: service with PrivateNetwork=yes fails to start inside a lxc container
Michael Biebl
biebl at debian.org
Wed Aug 2 12:13:05 BST 2023
Hi Simon
Am 02.08.23 um 12:32 schrieb Simon McVittie:
> However, in a lxc container, this isn't working for me, causing
> autopkgtest failure for policykit-1 (>= 123) (which I'm going to work
> around by removing the PrivateNetwork=yes option for now). This is
> important because ci.debian.net can currently only test packages in an
> lxc container.
>
> Steps to reproduce
> ==================
I'm not able to reproduce the issue (running LXC on Debian sid).
I use privileged LXC containers with the following config:
# cat /etc/lxc/default.conf
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.apparmor.profile = unconfined
Are you by any chance using unprivileged containers?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20230802/99b99ee4/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list