[Bug 1210] nftables gets confused by user namespaces when meta skuid is used
bugzilla-daemon at netfilter.org
Fri Jul 12 13:00:21 CEST 2019
https://bugzilla.netfilter.org/show_bug.cgi?id=1210
Phil Sutter <phil at nwl.cc> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |phil at nwl.cc
--- Comment #6 from Phil Sutter <phil at nwl.cc> ---
Hi,
(In reply to Yves from comment #5)
> I built the new kernel using the instructions here:
> https://wiki.archlinux.org/index.php/Kernels/Arch_Build_System
> and adding the provided patch as the first step of the build.
>
> I see no change: when nftables is stopped, exim can telnet to port 25; when
> nftables is started, exim cannot anymore.
Can you please try again with an up-to-date system? I can't reproduce the skuid
matching problem on my testing VM (running current kernel and nftables). Maybe
it really is a problem of uid resolution in the container? Did you make sure that
'nft -nn list ruleset' shows the same uid as 'id -u exim'?
Thanks, Phil
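
The uid comparison asked about above, as an added example that is not part of the original message or of nftables: it extracts the skuid operands from a ruleset listing and, going one step beyond the message, translates a uid through a uid_map so the container's view can be compared with the parent namespace's. The function names, the sample listing and uid 79 are constructed, and the quoted form of symbolic names in the listing is an assumption.

```shell
#!/bin/sh
# Constructed sample of `nft -nn list ruleset` output (not from the bug report).
sample_ruleset() {
	cat <<'EOF'
table inet filter {
	chain output {
		type filter hook output priority 0; policy drop;
		meta skuid 79 tcp dport 25 accept
		meta skuid "mail" tcp dport 587 accept
	}
}
EOF
}

# Print each single-value skuid operand (numeric uid or quoted name) found in
# a ruleset listing on stdin. A quoted name means the listing was not numeric,
# so the uid the kernel actually matches on is not visible in it.
skuid_operands() {
	grep -oE 'skuid ("[^"]+"|[0-9]+)' | cut -d' ' -f2
}

# Succeed only if numeric uid $1 appears as a skuid operand in the listing.
ruleset_has_uid() {
	skuid_operands | grep -qx -- "$1"
}

# Translate uid $1 through a uid_map read from stdin. Each map line is
# "first-uid-inside  first-uid-outside  count". Prints the uid as seen from
# the parent namespace and fails if the uid is not mapped at all.
map_uid() {
	awk -v u="$1" '$1 <= u && u < $1 + $3 { print $2 + u - $1; f = 1; exit }
		END { exit !f }'
}

# Demo on the constructed listing: prints 79 and "mail".
sample_ruleset | skuid_operands

# On a live system (account name exim as in this report):
#   nft -nn list ruleset | ruleset_has_uid "$(id -u exim)" || echo "uid mismatch"
#   map_uid "$(id -u exim)" < /proc/self/uid_map
```

If `map_uid` prints a different number than `id -u exim` does inside the container, the two namespaces disagree about the uid, which is the situation the bug title describes.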