On 22.07.20 13:05, Stoiko Ivanov wrote:
> This patchset addresses 2 minor inconveniences I ran into, while running my
> host with 'systemd.unified_cgroup_hierarchy=1':
>
> * apparmor mount denies for '/proc/sys/kernel/random/boot_id' (this happens
>   irrespective of the cgroup-layout)
> * having to add
>   `lxc.init.cmd: /lib/systemd/systemd systemd.unified_cgroup_hierarchy=1`
>   to all my container configs (for debian and arch containers at least
>   alpine runs without issues) - see [0] for a discussion of the topic
>
> While investigating this I noticed that the fixes for both issues were already
> on upstream/master (with one small other fix in between) - so instead of
> cherry-picking both patches I fast-forwarded to the last needed commit.
> Glad to resend with the patches cherry-picked and added to our patchqueue.
>
> I would probably submit the apparmor fix upstream (after a quick check by
> another set of eyes :)
>
> [0] https://github.com/lxc/lxc/issues/3183
>
> Stoiko Ivanov (2):
>   update lxc to include fixes for cgroupv2 setups
>   apparmor: add rule for allowing remount of boot_id
>
>  ...apparmor-Allow-ro-remount-of-boot_id.patch | 26 +++++++++++++++++++
>  debian/patches/series                         |  1 +
>  lxc                                           |  2 +-
>  3 files changed, 28 insertions(+), 1 deletion(-)
>  create mode 100644 debian/patches/pve/0004-apparmor-Allow-ro-remount-of-boot_id.patch
>
2/2 got merged into upstream and is available with 4.0.4. Could you see if we
can seamlessly update from the currently packaged 4.0.3 to 4.0.4?