Re: [Buildroot] [PATCH 9/9 v3] package/podman: new package

["Yann E. MORIN" <yann.morin.1998@free.fr>]

raphael, All,

On 2025-03-08 12:00 +0100, Yann E. MORIN spake thusly:
> On 2025-03-07 14:40 +0100, Raphael Pavlidis spake thusly:
> > On 3/1/25 16:05, Yann E. MORIN wrote:
[--SNIP--]
> > > +	select BR2_PACKAGE_IPTABLES  # runtime
> > I am sure that you do not need iptables if you are using nftables.
> I briefly tried with nftables, it did not work, so I did not investigate
> further; IIRC it was before I had to write containers.conf, so maybe we
> can specify the firewall driver there... Ah, yes, it seems we can do
> that:
>     firewall_driver=""
>     The firewall driver to be used by netavark. [...] supported drivers
>     are "iptables", "nftables" [...]

Doing so was not enough to use nftables. Even with every NFT modules
enabled in the kernel, netavark would still whine than nft would fail to
list rules, or apply them.

So, I eventually got to the bottom of the issue: netavark requires that
nftables be build with support for JSON output. Once this is done, then
it all magically works (magically, as with all the tears ands sweat and
swearwords as the trinkets and incatation needed for such a spell...)

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot