Kyle Sessions
Kyle Sessions
@hokein I am also seeing this issue. Host computer: MAC, clangd not installed Remote computer: Linux - RHEL 7, clangd is installed - open vscode on MAC - connected to...
I am trying to understand the filtering connections section. How can I enter the namespace with real root? There is no context around how the example creates the namespace: https://github.com/rootless-containers/slirp4netns/blob/master/slirp4netns.1.md#filtering-connections...
I see, I misunderstood you were telling me to unload the iptable_filter module. I tried doing this, and seems I am still seeing an issue. I can't modprobe iptable_filter due...
Well I tried upgrading to 1.8.4 iptables on Ubuntu 18.04, 4.9.140 and still see an issue: ``` (namespace) root@tegra-ubuntu:~# iptables -A OUTPUT -d 10.0.2.3 -p udp --dport 53 -j ACCEPT...
@AkihiroSuda I can run iptables on the host with sudo. I was showing that if I remove the module `iptable_filter` as per your suggestion, I am still getting an issue...
``` user1@tegra-ubuntu:/data/bin$ sudo modprobe --verbose ip_tables iptable_mangle iptable_nat iptable_filter user1@tegra-ubuntu:/data/bin$ ./dockerd-rootless.sh + [ -w /run/user/1000 ] + [ -w /home/user1/ ] + rootlesskit= + which docker-rootlesskit + which rootlesskit +...
@woehrl01 based on your last update, this seems to be expected behavior, right? > I have some additional findings. Running the following script on a node with the above settings,...
Thanks for opening this feature request! Sounds like we need to expose some new settings to allow these to be set. Linking another request for setting a value in `chrony.conf`...
**_Update:_** Hey @alexsorkin, Updating my original comment: I was able to reproduce - and it does appear to be a bug. I see the issue is that our [template files](https://github.com/bottlerocket-os/bottlerocket-update-operator/blob/1979088243aed1fc41797bf652e2ff8dae8769ad/deploy/charts/bottlerocket-update-operator/templates/agent-daemonset.yaml#L92)...
@alexsorkin So it seems if the IAM role has access, that should work. But of course that may not be ideal, and this is a bug. Do you mind sharing...