Quoting Ivan Vilata i Balaguer (i...@selidor.net):

> Hi everyone,
>
> I'm using lxc 0.9.0 alpha 2 on a 3.7 kernel under Debian (experimental
> kernel), and I've noticed that some files and directories under
> `/proc/sys/net` simply don't appear in my container. Particularly
> `/proc/sys/net/bridge` (which exists in the host) is missing, and I need
> to change some of its files in the container.
>
> (In the 3.2 kernel the files were present, but they were those of the
> host and changing them altered their value in the host too.)
>
> Is it expected that these entries are missing? Is there any way of
> bringing them back?
>
> I can provide more information if needed. Thanks a lot!

This looks simply like a missing feature in the kernel. If you look at
net/bridge/br_netfilter.c:br_netfilter_init(), it is specifically only
sticking net/bridge onto init_net (and only being called, it seems, at
bridge.ko modprobe time). And the values are not handled per-namespace in
brnf_sysctl_call_tables().

If you need this feature, your best bet would be to submit a patch to
implement per-netns net/bridge sysctls. Second best bet would be to
mention your need for it on netdev + linux-kernel mailing lists.

-serge

_______________________________________________
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
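
An added example, not part of the original thread: one way to see which sysctl subtrees the kernel exposes only on init_net is to run `find /proc/sys/net -type f` on the host and inside the container, then compare the two listings. The function names and both sample listings below are constructed for illustration.

```python
import posixpath

ROOT = "/proc/sys/net"

# Constructed sample listings, in the format printed by
# `find /proc/sys/net -type f` on the host and inside the container.
HOST_LISTING = """
/proc/sys/net/bridge/bridge-nf-call-arptables
/proc/sys/net/bridge/bridge-nf-call-ip6tables
/proc/sys/net/bridge/bridge-nf-call-iptables
/proc/sys/net/core/rmem_max
/proc/sys/net/core/somaxconn
/proc/sys/net/ipv4/conf/all/rp_filter
/proc/sys/net/ipv4/ip_forward
"""
CONTAINER_LISTING = """
/proc/sys/net/core/somaxconn
/proc/sys/net/ipv4/conf/all/rp_filter
/proc/sys/net/ipv4/ip_forward
"""

def parse(listing):
    """Turn a `find` listing into a set of file paths."""
    return {line.strip() for line in listing.splitlines() if line.strip()}

def dirs_of(paths, root=ROOT):
    """Every directory at or below root that contains one of the files."""
    out = set()
    for path in paths:
        d = posixpath.dirname(path)
        while d == root or d.startswith(root + "/"):
            out.add(d)
            d = posixpath.dirname(d)
    return out

def missing_subtrees(host, container, root=ROOT):
    """Top-most directories visible on the host but absent in the container."""
    gone = dirs_of(host, root) - dirs_of(container, root)
    return sorted(d for d in gone if posixpath.dirname(d) not in gone)

def missing_files(host, container, root=ROOT):
    """Files hidden individually, inside directories the container does see."""
    seen_dirs = dirs_of(container, root)
    return sorted(f for f in host - container
                  if posixpath.dirname(f) in seen_dirs)

if __name__ == "__main__":
    host, cont = parse(HOST_LISTING), parse(CONTAINER_LISTING)
    print("missing subtrees:", missing_subtrees(host, cont))
    print("missing files:   ", missing_files(host, cont))
```

Both listings have to be captured from a process running in the namespace being inspected, because the contents of `/proc/sys/net` follow the network namespace of the reader.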