error in man page for lxc.container.conf
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lxc (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
the man page or lxc.container.conf contains in "CONTROL GROUP" section the following text :
--------------
• A allowlist device rule
will cause LXC to instruct the kernel to block access to all devices by default. To grant access to devices allow device rules must be added via
the lxc.cgroup2.
• A denylist device rule
will cause LXC to instruct the kernel to allow access to all devices by default. To deny access to devices deny device rules must be added via
-------------------
the titles are inverted, the first is a denylist, the second is an allowlist
ubuntu version : 21.10
package version : lxc-utils 1:4.0.10-0ubuntu5 amd64
Changed in lxc (Ubuntu): | |
status: | New → In Progress |
This bug was fixed in the package lxc - 1:4.0.12-0ubuntu1
---------------
lxc (1:4.0.12-0ubuntu1) jammy; urgency=medium
* Cherry-pick upstream bugfixes (stable-4.0): checkconfig- Fix-bashism. patch Fix-reverse- allowlist- denylist. patch (LP: #1957934)
- 0002-lxc-
- 0003-doc-
* New upstream bugfix release (4.0.12): /discuss. linuxcontainers .org/t/ lxc-4-0- 12-has- been-released/ 13288)
(https:/
- Fixed CRIU restoration of containers with pre-created veth interfaces
- Fixed issue with kernels lacking SMT support
- Extended cgroup2 config options in lxc.mount.auto (cgroup2)
- lxc-download now relies on HTTPS for validation (avoids GPG issues)
* New upstream bugfix release (4.0.11) /discuss. linuxcontainers .org/t/ lxc-4-0- 11-has- been-released/ 12427)
(LP: #1943441, LP: #1938771, LP: #1891903):
(https:/
- Core scheduling support (lxc.sched.core)
- riscv64 support in lxc.arch
- Significantly improved bash completion profile
- Greater use of the new VFS mount API (when supported by the kernel)
- Fix containers with empty network namespaces
- Handle kernels that lack TIOCGPTPEER
- Improve CPU bitmask/id handling (handle skipped CPU numbers)
- Reworked the tests to run offline
* Bump to debhelper 12 (allows focal SRUs)
* Bump standards to 4.6.0.1
* Add lintian overrides for incorrect bashism detection
* Remove bash completion install logic (now done upstream)
-- Stéphane Graber <email address hidden> Wed, 02 Feb 2022 20:48:39 -0500