Podman image: Set default_sysctls to empty for rootless containers

Avoids the error "Error: error preparing container xyz... for attach: crun: open /proc/sys/net/ipv4/ping_group_range: Read-only file system: OCI runtime error" when using `podman run --net bridge` inside rootful Podman running without --security-opt unmask=ALL (or 'unmask=/proc/*') Signed-off-by: Joakim Nohlgård <joakim@nohlgard.se>
2022-10-18 09:27:20 +02:00 · 2022-10-18 09:27:20 +02:00 · 02bb7c2cf3
parent 2fb7218e63
commit 02bb7c2cf3
1 changed files with 1 additions and 0 deletions
--- a/contrib/podmanimage/stable/podman-containers.conf
+++ b/contrib/podmanimage/stable/podman-containers.conf
@ -2,3 +2,4 @@
 volumes = [
 	"/proc:/proc",
 ]
+default_sysctls = []