From 02bb7c2cf32b69f65a45e231f6e3c820ce0dfb5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Joakim=20Nohlg=C3=A5rd?=
Date: Tue, 18 Oct 2022 09:27:20 +0200
Subject: [PATCH] Podman image: Set default_sysctls to empty for rootless containers
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Avoids the error "Error: error preparing container xyz... for attach: crun: open /proc/sys/net/ipv4/ping_group_range: Read-only file system: OCI runtime error" when using `podman run --net bridge` inside rootful Podman running without --security-opt unmask=ALL (or 'unmask=/proc/*')

Signed-off-by: Joakim NohlgÄrd
---
 contrib/podmanimage/stable/podman-containers.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/contrib/podmanimage/stable/podman-containers.conf b/contrib/podmanimage/stable/podman-containers.conf
index 503cca365f..2bdd95a3b5 100644
--- a/contrib/podmanimage/stable/podman-containers.conf
+++ b/contrib/podmanimage/stable/podman-containers.conf
@@ -2,3 +2,4 @@
 volumes = [
 "/proc:/proc",
 ]
+default_sysctls = []
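Review bot: The added `default_sysctls = []` has no comment, so a reader of the config cannot tell that it is a workaround for a read-only /proc/sys in the nested case rather than a deliberate hardening choice. I would put a comment above it, for example `# Clear the default sysctls: /proc/sys is read-only unless the outer container is run with unmask, so crun cannot write net.ipv4.ping_group_range.` The same comment should state the side effect: containers started with this config no longer get the default ping_group_range setting, so unprivileged ping inside them will presumably stop working. If the image also ships a system-wide containers.conf that hits the same error, it would need the same line; that file is not part of this diff.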