> On 27/10/2021 12:22 Iain Buclaw <ibuc...@mailbox.org> wrote: > > > Package: procps > Version: 2:3.3.17-5 > Severity: important > Tags: patch > X-Debbugs-Cc: ibuc...@mailbox.org > > Dear Maintainer, > > * What led up to the situation? > > Installing a package that runs sysctl -p in its postinst script fails > with a non-zero exit status. > > * What exactly did you do (or not do) that was effective (or > ineffective)? > > # cat /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.shmmax.conf > kernel.shmmax = 17179869184 > > # sysctl -p /opt/gitlab/embedded/etc/90-omnibus-gitlab-kernel.shmmax.conf > > * What was the outcome of this action? > > sysctl: permission denied on key "kernel.shmmax" > > * What outcome did you expect instead? > > sysctl: permission denied on key "kernel.shmmax", ignoring > > > Patches are available in Ubuntu, but have not been backported to Debian. > The absence of these in Debian makes running services that expect host > system access in LXC containers untenable. > > https://git.launchpad.net/ubuntu/+source/procps/tree/debian/patches/ignore_eaccess.patch?h=applied/ubuntu/focal-devel > https://git.launchpad.net/ubuntu/+source/procps/tree/debian/patches/ignore_erofs.patch?h=applied/ubuntu/focal-devel >
This bug report is further justification for these patches. https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1419554
