[lxc-users] 4.0.6 regression: /proc/sys/net/ipv4/ip_forward: Read-only file system
Harald Dunkel
harald.dunkel at aixigo.com
Fri Feb 5 07:58:57 UTC 2021
On 2/4/21 3:32 PM, Harald Dunkel wrote:
>
> How comes it worked before? Hopefully I am not too blind to see,
> but the git log doesn't tell that this has been changed.
>
PS: I found
af9dd246df7c99740f153682e0eb427f1426693d
unmounted proc/sys/net if dropping CAP_NET_ADMIN
apparently introducing the problem for 4.0.6, and
952ab618268b4af2773ed9d8fade817363c28a5c
conf: fix CAP_NET_ADMIN-based mount handling
563ec46266b8967f0ee60e0032bbe66b3b37207c
conf: fix containers retaining CAP_NET_ADMIN
providing the fix (hopefully). Did I miss other related fixes?
Since breaking /proc is a very serious problem I wonder if it would
be reasonable to do an early release lxc 4.0.7, including these fixes?
Regards
Harri
More information about the lxc-users
mailing list