Public bug reported:

Request to backport kernel changes from kernel 4.5 to the LTS kernel 4.4 for xenial and, if possible, to the LTS kernel for 14.04.
Change upstream: netfilter: Set /proc/net entries owner to root in namespace
http://git.kernel.org/cgit/linux/kernel/git/pablo/nf-next.git/commit/?id=f13f2aeed154da8e48f90b85e720f8ba39b1e881

This is the kernel-side part of the fix for "iptables-save does not work inside lxd containers":
https://github.com/lxc/lxd/issues/1978#issuecomment-220998013

The necessary changes in lxc landed in lxc/lxd https://github.com/lxc/lxc/pull/1014 and are available in version 2.0.1, currently in xenial-proposed.

It would be great if this could be backported ASAP, as it allows managing the firewall within lxd instances using Puppet and probably other configuration management systems, and using iptables-save manually.

** Affects: linux (Ubuntu)
   Importance: Medium
   Assignee: Seth Forshee (sforshee)
   Status: Confirmed

** Affects: linux (Ubuntu Xenial)
   Importance: Medium
   Assignee: Seth Forshee (sforshee)
   Status: Confirmed

--
https://bugs.launchpad.net/bugs/1584953

Title:
  backport fix for /proc/net issues with containers

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs