Comment 22 for bug 1535951
Revision history for this message
| Simon Déziel (sdeziel) wrote Re: [Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main) | #22 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
On 2016-02-14 09:00 AM, Simon Deziel wrote:
> On 2016-02-13 10:03 PM, Ryan Harper wrote:
>> On Sat, Feb 13, 2016 at 7:51 PM, Simon Déziel <email address hidden>
>>> libipsec support is very cool (thanks for enabling it!) as it should
>>> allow running a IPsec in containers.
>>>
>>>
>> Please do confirm if that's working. I suspect they'll need to be
>> privileged containers
>> or will need some additional permissions/configs for unprivileged since
>> it'll want access to
>> /dev/net/tun which won't be present by default.
Correct, for unprivileged containers, one has to make the tun device
available using:
lxc config device add $CTNAME tun unix-char path=/dev/net/tun
Then it works.
Thanks,
Simon