[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
This bug was fixed in the package iptables-persistent - 1.0.7ubuntu1
---
iptables-persistent (1.0.7ubuntu1) cosmic; urgency=medium
* plugins/{15-ip4tables,25-ip6tables}: Adjust plugins code to not hard-fail
when a modprobe is unsuccessful. Similar behavior was implemented in
later iptables versions upstream. (LP: #1820144)
-- Thomas Ward Thu, 21 Mar 2019 16:22:37 -0400
** Changed in: iptables-persistent (Ubuntu Cosmic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820144
Title:
iptables-persistent fails in containers due to modprobe being
unavailable even though module could've been loaded outside of the
container
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
This bug was fixed in the package iptables-persistent -
1.0.4+nmu2ubuntu1
---
iptables-persistent (1.0.4+nmu2ubuntu1) bionic; urgency=medium
* plugins/{15-ip4tables,25-ip6tables}: Adjust plugins code to not hard-fail
when a modprobe is unsuccessful. Similar behavior was implemented in
later iptables versions upstream. (LP: #1820144)
-- Thomas Ward Thu, 21 Mar 2019 16:21:31 -0400
** Changed in: iptables-persistent (Ubuntu Bionic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820144
Title:
iptables-persistent fails in containers due to modprobe being
unavailable even though module could've been loaded outside of the
container
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
I've just tested the -proposed package on cosmic and bionic, works fine now. ** Tags removed: verification-needed-cosmic ** Tags added: verification-done-cosmic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Hello WGH, or anyone else affected, Accepted iptables-persistent into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source /iptables-persistent/1.0.7ubuntu1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: iptables-persistent (Ubuntu Cosmic) Status: In Progress => Fix Committed ** Tags added: verification-needed-cosmic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Hello WGH, or anyone else affected, Accepted iptables-persistent into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source /iptables-persistent/1.0.4+nmu2ubuntu1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: iptables-persistent (Ubuntu Bionic) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Uploaded Bionic and Cosmic debdiffs. ** Changed in: iptables-persistent (Ubuntu Bionic) Status: Confirmed => In Progress ** Changed in: iptables-persistent (Ubuntu Cosmic) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
I verified that the || true pattern is used in the modprobe call in the two files being patched here in 1.0.11 (via sources.debian.net), so this looks good to me. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Thank you for driving these SRUs! A couple of minor comments that I didn't think it was worth blocking on: I'd prefer ubuntu0.1 over ubuntu1 for SRUs. There isn't a hard policy on this, but it does make it clear that it's an SRU just from the version number, reduces the need to check for collisions (there can be none this time though) to only coincident version numbers across releases, and matches the recommendation linked from the SRU wiki page. On the changelog entry, for SRUs specifically, I think it would be helpful to illustrate why a user would want to take the update, rather than just what is being changed, because apparently some users do read the changelogs. So I'd have added something about how this fixes the package when used in a container. I didn't think that was enough reason to block you though, as this has been in the sponsorship queue long enough, so I uploaded. Now awaiting SRU team review (which I can't do because I sponsored). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
WGH: no, because I applied it. Still have to wait for sponsors then the SRU team though. The process is not super quick unfortunately. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
> Can you please read through https://wiki.ubuntu.com/StableReleaseUpdates#SRU_Bug_Template and apply the template for SRU to your bug description, please? This is necessary before this can even be handled like an SRU. Is this still relevant? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
** Changed in: iptables-persistent (Ubuntu) Importance: High => Medium ** Changed in: iptables-persistent (Ubuntu Bionic) Importance: High => Medium ** Changed in: iptables-persistent (Ubuntu Cosmic) Importance: High => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
** Changed in: iptables-persistent (Ubuntu) Importance: Undecided => High ** Changed in: iptables-persistent (Ubuntu Bionic) Importance: Undecided => High ** Changed in: iptables-persistent (Ubuntu Cosmic) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
** Description changed: + [Impact] + + The `iptables-persistent` package when loaded into a container can fail + to install or configure due to a call to modprobe, which containers + cannot access or utilize, which will result in a failure code. This + prevents the scripts from operating as expected. This also appears to + be a duplicate of #1002078 but due to code changes was reintroduced. + + [Test Case] + + (Salvaged from bug comments, works with LXD containers) + + lxc launch ubuntu:18.04 x + lxc exec x apt update + lxc exec x apt install iptables-persistent + lxc exec x netfilter-persistent save + + [Regression Potential] + + The regression potential from the proposed changes is extremely small + and limited. The changes here were implemented in the version of + `iptables-persistent` in Disco and are upstream in origin, though this + is a Native format package so it's right in the package where it's been + altered. + + [Other Information] + + This package is a Native format package, therefore changes were made in + the debdiff directly to the package, as it is not Quilt-patchable. The + changes applied in the debdiffs were adjusted based on the version in + Disco, which appends ` || true` to the modprobe line, so even if + modprobe fails the script doesn't error out. + + [Original Description] + /usr/share/netfilter-persistent/plugins.d/15-ip4tables contains two lines of interest: set -e /sbin/modprobe -q iptable_filter modprobe failure causes entire script to exit with 1 status immediately. Processes run inside of containers (such as LXC and LXD) can't really load modules, and kernel modules usually aren't even installed anyway: root@t1:~# /sbin/modprobe iptable_filter modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.15.0-46-generic/modules.dep.bin' modprobe: FATAL: Module iptable_filter not found in directory /lib/modules/4.15.0-46-generic However, iptables will generally work inside containers, provided that the required modules were loaded outside the container. So instead of failing, I think modprobe errors should be just ignored (|| true). This seems to be the same bug as #1002078, which apparently got reintroduced during code rewrite. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: netfilter-persistent 1.0.4+nmu2 ProcVersionSignature: Ubuntu 4.15.0-46.49-generic 4.15.18 Uname: Linux 4.15.0-46-generic x86_64 NonfreeKernelModules: xt_REDIRECT nf_nat_redirect xt_tcpudp iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack xt_addrtype iptable_filter binfmt_misc veth ebtable_filter ebtables bridge stp llc snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep snd_pcm input_leds joydev serio_raw snd_timer snd soundcore mac_hid sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear hid_generic usbhid hid crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc aesni_intel aes_x86_64 crypto_simd qxl glue_helper ttm cryptd drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops psmouse sym53c8xx scsi_transport_spi drm virtio_blk pata_acpi i2c_piix4 virtio_net floppy ApportVersion: 2.20.9-0ubuntu7.6 Architecture: amd64 Date: Fri Mar 15 00:06:17 2019 PackageArchitecture: all ProcEnviron: - TERM=xterm-256color - PATH=(custom, no user) - XDG_RUNTIME_DIR= - LANG=C.UTF-8 - SHELL=/bin/bash + TERM=xterm-256color + PATH=(custom, no user) + XDG_RUNTIME_DIR= + LANG=C.UTF-8 + SHELL=/bin/bash SourcePackage: iptables-persistent UpgradeStatus: No upgrade log present (probably fresh install) ** Patch added: "iptables-persistent debdiff for Cosmic for bug 1820144" https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+attachment/5249445/+files/lp1820144_cosmic.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
** Patch added: "iptables-persistent debdiff for Bionic for bug 1820144" https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+attachment/5249446/+files/lp1820144_bionic.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Hello to all affected. I have provided debdiffs attached here, and subscribed the Sponsors team as I do not have direct upload for these packages. Once reviewed we can continue with the SRU process. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Hello. Can you please read through https://wiki.ubuntu.com/StableReleaseUpdates#SRU_Bug_Template and apply the template for SRU to your bug description, please? This is necessary before this can even be handled like an SRU. I also have versions of this package with 'fixes' applied in https://launchpad.net/~teward/+archive/ubuntu/build-tests - if you can please test those versions to make sure they fix the issue, that'd be great. I also have debdiffs I will attach to this bug once you have applied the SRU template. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Confirmed, same issue affects Cosmic and is not fixed. ** Changed in: iptables-persistent (Ubuntu Bionic) Assignee: (unassigned) => Thomas Ward (teward) ** Changed in: iptables-persistent (Ubuntu Cosmic) Assignee: (unassigned) => Thomas Ward (teward) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Checked this further in the code, this is what they're doing in latest upstream in Disco. Marking as "Fix Released" for Disco as this is already solved there, going to check the Cosmic version next. Can confirm for Bionic though. ** Also affects: iptables-persistent (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: iptables-persistent (Ubuntu) Status: New => Fix Released ** Changed in: iptables-persistent (Ubuntu Bionic) Status: New => Confirmed ** Also affects: iptables-persistent (Ubuntu Cosmic) Importance: Undecided Status: New ** Changed in: iptables-persistent (Ubuntu Cosmic) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
> This only works if the iptables modules aren't loaded in the 'host' system, correct? I don't get your question. iptables-persistent doesn't work in containers in both cases: - When modules are not loaded. Since containers lack privileges to load them, this is not fixable. - When modules are loaded, because iptables-persistent calls modprobe which fails even when the required modules is already loaded. This is what this bug report is about. The modprobe error can be ignored, as iptables-save and friends will work fine. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
This only works if the iptables modules aren't loaded in the 'host' system, correct? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1820144] Re: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container
Quick reproduction in LXD: lxc launch ubuntu:18.04 x lxc exec x apt update lxc exec x apt install iptables-persistent lxc exec x netfilter-persistent save -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820144 Title: iptables-persistent fails in containers due to modprobe being unavailable even though module could've been loaded outside of the container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables-persistent/+bug/1820144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
