Package: needrestart Version: 3.6-4+deb12u3 Severity: serious Justification: Breaks unrelated software X-Debbugs-Cc: [email protected], [email protected]
Hi Patrick,
I investigated a curious networking problem in Debian's autopkgtest
infrastructure along with Paul. We found that a recent (innocent) nftables
update caused needrestart to trigger a nftables.service restart which
flushed volatile firewall rules installed into the kernel by
lxc. Specifically by lxc-net.service see /usr/libexec/lxc/lxc-net.
I think we should add an exception for nftables to $nrconf{override_rc} to
avoid this problem since there doesn't seem to be any point in restarting
it for security purposes.
Thanks,
--Daniel
signature.asc
Description: PGP signature
