Can not run docker in ubuntu22.04 container

Hi, it seems that I cannot run docker inside an ubuntu22.04 container; I got the error: docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: open sysctl net.ipv4.ip_unprivileged_port_start file: reopen fd 8: permission denied: unknown

lxc launch ubuntu:22.04 jammy-instance

lxc config set jammy-instance security.nesting true

lxc shell jammy-instance

apt update

apt install docker.io

docker run --rm docker.io/oamdev/hello-world:latest

I found this issue https://discuss.linuxcontainers.org/t/unable-to-initialize-docker-on-incus/25144/15, but I don’t know how to solve it in an LXD Ubuntu container.

It's related to a runc CVE fix that exposed a limitation in AppArmor.

There’s a workaround for this in LXD 6.6, available in the 6/candidate channel, and it will be rolling out to 6/stable next week.

For the 5.21/stable LTS channel it will take a bit longer as we are in the process of backporting the fix to that series to include in an interim release.


Thanks, wait for the good news!
