Installing the LXD snap from edge channel (for fscaps support), on the current 4.4 kernel:
root@djanet:~# lxc launch ubuntu-daily:cosmic c1 To start your first container, try: lxc launch ubuntu:18.04 Creating c1 Starting c1 root@djanet:~# lxc exec c1 -- setcap cap_net_raw+ep /usr/bin/mtr-packet Failed to set capabilities on file `/usr/bin/mtr-packet' (Operation not permitted) The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file As expected on that kernel, the caps were lost when the container got uid shifted and manually setting the caps from within the container fails. After switching to 4.4.0-132: root@djanet:~# lxc exec c1 -- setcap cap_net_raw+ep /usr/bin/mtr-packet root@djanet:~# lxc exec c1 -- getcap /usr/bin/mtr-packet /usr/bin/mtr-packet = cap_net_raw+ep ** Tags removed: verification-needed-xenial ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1778286 Title: Backport namespaced fscaps to xenial 4.4 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1778286/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
