document CAP_SYS_ADMIN required for systemd PrivateNetwork #6682
Conversation
|
Hi @jamescassell. Thanks for your PR. I'm waiting for a containers member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
needs-ok-to-test
|
original "PrivateNetwork doesn't work in rootless" reference in the docs was added in #3972 |
|
Thanks @jamescassell, but you need to sign your PR. |
Signed-off-by: James Cassell <[email protected]>
jamescassell
force-pushed
the
doc-sysadmin-for-privatenet
branch
from
971e8fd to
ee74083
Compare
|
The tests are currently failing because an container image we use in the CI has changed and regressed. Can you rebase the PR on the lastet master? This will unblock CI. |
|
Seems like CI should be testing a merge, not the PR HEAD.... |
|
@jamescassell Please rebase. |
Co-authored-by: Qi Wang <[email protected]>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: jamescassell The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@jamescassell still missing a signature on your commit |
|
Changes LGTM otherwise. |
|
@jamescassell can you squash the two commits and repush? That should unblock CI and turn it green. |
github-actions
bot
added
the
locked - please file new issue/PR
This wasn't working for rootful containers either without the
--privilegedflag. I did some searching and found thatCAP_SYS_ADMINis required forPrivateNetworkfeature to work: https://stackoverflow.com/questions/39539188/why-unshareclone-newnet-requires-cap-sys-admin