> systemd-nspawn containers don't have CAP_SYS_ADMIN
Above statement is utter bollocks. Please ignore..
I finally got to the bottom of all this and now have the test suite passing.
- don't use `--disable-keyring', it's busted
- systemd-nspawn containers need to be configured with additional
ca
strace shows the problem:
add_key("user", "qemu_test_secret", "Test Payload", 12,
KEY_SPEC_PROCESS_KEYRING) = -1 EPERM (Operation not permitted)
It appears systemd-nspawn containers don't have CAP_SYS_ADMIN which is
apparently needed for the keyring stuff to work. Fair enough.
But the underlying
Ping. Nobody else seeing this?
I can only assume you don't have keyutils-dev (or equivalent) installed
on your system.
This is a key difference (pardon the pun!) between Arch and the bigger
distros. Arch tends to avoid splitting development libs and headers into
separate packages, which might exp
