Re: why do I have to use backports kernel to make LXC work on Bookworm?

To: Harald Dunkel <harri@afaics.de>
Cc: debian-kernel@lists.debian.org
Subject: Re: why do I have to use backports kernel to make LXC work on Bookworm?
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 28 Dec 2023 14:40:30 +0100
Message-id: <[🔎] ZY16zh3mqDNoFF88@eldamar.lan>
Mail-followup-to: Harald Dunkel <harri@afaics.de>, debian-kernel@lists.debian.org
In-reply-to: <[🔎] 905d282f-c797-4395-a91e-05586888ed43@afaics.de>
References: <[🔎] 905d282f-c797-4395-a91e-05586888ed43@afaics.de>

Hi,

On Thu, Dec 28, 2023 at 02:13:28PM +0100, Harald Dunkel wrote:
> Hi folks,
> 
> apparently LXC is affected by a bug around apparmor support for months,
> see #1052934 and #1050256. The workaround is to set PrivateNetwork=false
> (set by default as a security measure) or to use a backports kernel.
> 
> AFAIU reason is a bug in 6.1. The fix (1cf26c3d2c4c) is not a one-liner,
> but reasonably small, and it has already been verified, so how comes it
> is still in the loop for weeks?

Because it needs backporting work in 6.1.y upstream, which for John
Johansen aimed to work on. You can read about the history and backlog
in #1050256 . So far I have not got a reply from John on
https://bugs.debian.org/1050256#215 .

Regards,
Salvatore

Reply to:

Follow-Ups:
- Re: why do I have to use backports kernel to make LXC work on Bookworm?
  - From: Harald Dunkel <harri@afaics.de>

References:
- why do I have to use backports kernel to make LXC work on Bookworm?
  - From: Harald Dunkel <harri@afaics.de>

Prev by Date: why do I have to use backports kernel to make LXC work on Bookworm?
Next by Date: Re: why do I have to use backports kernel to make LXC work on Bookworm?
Previous by thread: why do I have to use backports kernel to make LXC work on Bookworm?
Next by thread: Re: why do I have to use backports kernel to make LXC work on Bookworm?
Index(es):
- Date
- Thread