network namespaces
Jamie Strandboge
jamie at canonical.com
Mon Feb 27 19:10:08 UTC 2017
On Tue, 2017-02-21 at 11:53 -0600, Jamie Strandboge wrote:
> On Tue, 2017-02-21 at 12:39 +0100, Luca Dionisi wrote:
> >
> > Are network namespaces supported in snaps?
> >
> > In my RaspberryPi3 I have a snap which has been installed with --devmode.
> > Inside the snap I have exposed the command 'bash'. I exec that bash as
> > root. Then I try to create a network namespace. It fails.
> >
> > $ sudo myapp.bash
> > # ip netns add ns0
> > open("/proc/self/ns/net"): Permission denied
> > #
> >
> You are hitting this bug:
> https://bugs.launchpad.net/apparmor/+bug/1648903
>
> The workaround is to declare in your snap 'plugs: [ network-control ]' and to
> connect the interface with 'sudo snap connect myapp:network-control' even when
> using devmode. After that you should be able to use 'ip netns' within your
> snap.
>
FYI, the fix for this kernel bug is in Ubuntu 17.04 development release and will
be in the next kernel update for Ubuntu 16.04 LTS and Ubuntu 16.10. Ubuntu 14.04
LTS will receive the fix after 16.04 LTS is updated. I've asked for
corresponding updates for the pi kernels and snaps.
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/snapcraft/attachments/20170227/6990867f/attachment.sig>
More information about the Snapcraft
mailing list