Control: tag -1 upstream wontfix On Sun, 2026-04-05 at 21:03 -0600, Sebastian Kuzminsky wrote: > Package: linux-image-rt-amd64 > Version: 6.19.10-1 > Severity: normal > X-Debbugs-Cc: [email protected], [email protected] > User: [email protected] > Usertags: amd64 > > I recently upgraded from Trixie to Forky, and libvirt and docker broke. > > I've tracked the problem down to a bug (i think?) in the > linux-image-rt-amd64 kernel package that I use. In Trixie, the -rt > kernel includes ip_tables.ko, but in Forky it does not, and everything > that relies on iptables-legacy breaks. This includes docker and libvirt. [...]
xtables (including iptables) did not work correctly on RT, so this combination has been intentionally disabled upstream. See <https://git.kernel.org/linus/9fce66583f06c212e95e4b76dd61d8432ffa56b6>. The xtables APIs are generally deprecated now, so docker and libvirt should use nftables by default. Bug #1130974 tracks this for libvirt. For docker I think this was supposed to be addressed with bug #921600, but there is still the related bug #903635 open. Ben. -- Ben Hutchings Everything should be made as simple as possible, but not simpler. - Albert Einstein
signature.asc
Description: This is a digitally signed message part
