Weave network pluging for Kubernetes configures bridge via netlink, so need to allow appropriate netlink messages if sent inside a Container.
https://jira.sw.ru/browse/PSBM-92107 Signed-off-by: Konstantin Khorenko <[email protected]> (cherry picked from vz7 commit e7c862d58164c1b3376c8c568099cde3a540853d) Signed-off-by: Vasily Averin <[email protected]> --- kernel/ve/ve.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c index 2283e234af5f..350ff2990af5 100644 --- a/kernel/ve/ve.c +++ b/kernel/ve/ve.c @@ -191,6 +191,9 @@ int vz_security_family_check(struct net *net, int family, int type) case RTM_NEWNEIGH: case RTM_DELNEIGH: case RTM_GETNEIGH: + case RTM_GETLINK: + case RTM_DELLINK: + case RTM_SETLINK: return 0; } default: -- 2.25.1 _______________________________________________ Devel mailing list [email protected] https://lists.openvz.org/mailman/listinfo/devel
