Bug#1042880: systemd: service with PrivateNetwork=yes fails inside lxc container on bookworm
Michael Biebl
biebl at debian.org
Fri Aug 25 00:10:58 BST 2023
On Wed, 2 Aug 2023 17:05:18 +0100 Simon McVittie <smcv at debian.org> wrote:
> Control: retitle -1 systemd: service with PrivateNetwork=yes fails inside lxc container on bookworm
>
> On Wed, 02 Aug 2023 at 17:53:30 +0200, Michael Biebl wrote:
> > Ok, I can reproduce the issue in a bookworm test VM.
> > Upgrading that VM to trixie the issue appears to be gone.
>
> Retitling to reflect that. I think this is still going to be
> a practical problem for the autopkgtests of packages like polkitd,
> because ci.debian.net runs on stable.
I've been approaching this from a different angle via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050256
From what I could gather so far, this is basically an AppArmor issue
and needs to be addressed in the kernel and/or apparmor and/or lxc.
Regards,
Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20230825/d9614e1b/attachment.sig>
More information about the Pkg-systemd-maintainers
mailing list