Hello everyone, On Thu, 2023-08-31 at 08:55 +0200, Michael Biebl wrote: > > > > What we found so far is, that the AppArmor policy of lxc breaks any > > systemd service using PrivateNetwork=yes or PrivateIPC=yes when > > being > > run under lxc (running under bookworm using the bookworm kernel). > > > I.e. by setting `lxc.apparmor.profile = unconfined` in > /etc/lxc/default.conf and regenerating the autopkgtest container on > bookworm, the failures are gone. >
same case for systemd services using DynamicUser=yes Kind regards, Dan
smime.p7s
Description: S/MIME cryptographic signature
