Well, the thing is that with the CVE patch applied, all kinds of things
won't work running Docker in an unprivileged container. So even if we
worked around the getPipeFds() issue, we'd still fail e.g. at setting
oom-score adjust because it also tries to access files under
/proc/<pid>. I think we will have to discuss an alternate approach with
upstream. Until such time, a workaround is to set

lxc config set <container_name> security.privileged true

Would that be acceptable?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1655906

Title:
  Please upgrade docker.io to latest 1.12.6

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/containerd/+bug/1655906/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to