Bug ID | 988348 |
---|---|
Summary | enable setuid bit on lxc-user-nic |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Virtualization:Other |
Assignee | virt-bugs@suse.de |
Reporter | cbrauner@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
We're in the process of moving the devel project for lxc from Virtualization to Virtualization:containers (https://build.opensuse.org/package/show/Virtualization:containers/lxc). We're aiming at full support for unprivileged containers. Since unprivileged users are not allowed to attach veth devices to network bridges, lxc uses lxc-user-nic for a long time to do this. This is the only purpose of this binary and it is the only suid binary shipping with lxc. We're currently removing the suid bit during install but I'd really like to have this on by default. We're planning on packaging lxd and it will need lxc-user-nic as well.