[pve-devel] [PATCH lxc] add patches for cgroup handling in non-unified cgroup setups

Thomas Lamprecht t.lamprecht at proxmox.com
Tue Jul 20 13:39:24 CEST 2021


On 20.07.21 12:52, Stoiko Ivanov wrote:
> I opened a PR at lxc-upstream with these changes [0].
> 
> Testing in my hybrid layout environment fixes the issue with
> priviledged container reported in the forum.
> (Note that the issue also occurs with unprivileged container, if they
> have a `lxc.cgroup.devices.(allow|deny)` entry (which they don't in
> our default config)
> 
> [0] https://github.com/lxc/lxc/pull/3911
> 
> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>

I guess, from off-list discussion, a R-b from Wolfgang could have been aded
here?

> ---
> I quickly considered also updating lxc to 4.0.10 (which was released last
> friday, but ran into some issues with mounting /sys/devices/virtual/net,
> which I did not yet get to looking at.
> 

I also prefer doing this with 4.0.9-3.

applied, thanks!





More information about the pve-devel mailing list