Public bug reported:

libvirtd cannot properly configure the default bridge device when
installed inside of unprivileged LXD containers. 'systemctl status
libvirtd' shows the following error:

  error : virNetDevBridgeSet:140 : Unable to set bridge virbr0 forward_delay: Permission denied

This is caused by the files under /sys/class/net/ being owned by
init namespace root rather than container root even when the bridge
device is created inside of the container. Here's an example from inside
of an unprivileged container:

# brctl addbr testbr0
# ls -al /sys/class/net/testbr0/bridge/forward_delay
-rw-r--r-- 1 nobody nogroup 4096 Jul 30 22:33 /sys/class/net/testbr0/bridge/forward_delay

libvirt cannot open this file for writing even though it created the
device. Where safe, files under /sys/class/net/ should be owned by
container root.

The following upstream patches have been merged into linux-next which
fix this bug:

https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=c59e18b876da3e466abe5fa066aa69050f5be17c
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=d1753390274f7760e5b593cb657ea34f0617e559

** Affects: linux (Ubuntu)
     Importance: Medium
     Assignee: Tyler Hicks (tyhicks)
         Status: In Progress

https://bugs.launchpad.net/bugs/1784501

Title:
  libvirtd is unable to configure bridge devices inside of LXD
  containers

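A diagnostic for the ownership condition described in this report, as an added example that is not part of the original report, libvirt or the kernel patches. It lists the attribute files of a bridge device whose owner has no mapping in the current user namespace; the function names and the optional override arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added diagnostic (not from the bug report): flag sysfs attributes of a network
# device whose owner has no mapping in the current user namespace.

# True when the given uid_map (default: our own) is not the identity mapping
# "0 0 4294967295" that the initial user namespace reports.
in_userns() {
    read -r inside outside count < "${1:-/proc/self/uid_map}" || return 0
    if [ "$inside" = 0 ] && [ "$outside" = 0 ] && [ "$count" = 4294967295 ]; then
        return 1
    fi
    return 0
}

# List regular files directly under DIR owned by the overflow UID. Inside a user
# namespace, stat() reports unmapped owners as this UID (usually 65534, "nobody").
# The second argument overrides the UID; that override is an assumption for testing.
unmapped_attrs() {
    dir=$1
    overflow=${2:-$(cat /proc/sys/kernel/overflowuid)}
    find "$dir" -maxdepth 1 -type f -uid "$overflow" | sort
}

# Report for one device, e.g. "report testbr0".
report() {
    attrs_dir=${2:-/sys/class/net}/$1/bridge
    if [ ! -d "$attrs_dir" ]; then
        echo "$attrs_dir: not a bridge device" >&2
        return 2
    fi
    in_userns || echo "note: running in the initial user namespace"
    unmapped_attrs "$attrs_dir" | while IFS= read -r f; do
        if [ -w "$f" ]; then state=writable; else state=not-writable; fi
        printf '%s\t%s\n' "$state" "$f"
    done
}

if [ "$#" -gt 0 ]; then report "$@"; fi
```

Run as container root with the device name as the argument; any line marked not-writable is an attribute that the creator of the device cannot set.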