OpenRC scripts: need net breaks lxc containers with fixed IPs set in container config
I set LXC container IP addresses in its config file so I can drop more privileges.
Setting ip addresses in the config file also means you do not need networking in the default runlevel (the networking initd also breaks macvlan ipv6 address set in the config file).
With networking removed from the runlevels this issue still happens with nginx-naxsi due to its initd using:

    need net

     * Starting busybox crond ... [ ok ]
     * Starting networking ...
     * eth0 ...
    udhcpc: started, v1.25.1
    udhcpc: sending discover
    udhcpc: sending discover
    udhcpc: sending discover
    udhcpc: sending discover
    udhcpc: sending discover
    udhcpc failed to get a DHCP lease
    udhcpc: no lease, failing
     [ !! ]
     * ERROR: networking failed to start
     * ERROR: cannot start nginx as networking would not start

Removing “need net” from nginx’s initd & removing networking from the runlevels fixes everything as expected.
Perhaps a better fix is to add a start_pre() to the networking initd to check if an interface is already up - or solve this with OpenRC keywords in the specific initd that uses “need net” (suggested by Jakob https://github.com/alpinelinux/aports/pull/1039)
(from redmine: issue id 7038, created on 2017-03-18)
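
The "interface is already up" check proposed above could look like the following. This is an added sketch, not part of the original report and not Alpine's networking initd; the function names and the `SYSFS_NET` override are assumptions made for illustration, and how a start_pre() would act on the result is left open because the report does not specify it.

```shell
#!/bin/sh
# Added sketch: detect interfaces that were brought up before init ran,
# for example by LXC from the container config.
# SYSFS_NET is a hypothetical override so the check can be pointed at a
# constructed directory tree; on a real system it is /sys/class/net.
: "${SYSFS_NET:=/sys/class/net}"

# Succeeds when IFF_UP (bit 0x1 of the sysfs "flags" value) is set.
iface_is_up() {
    flags_file="$SYSFS_NET/$1/flags"
    [ -r "$flags_file" ] || return 1
    read -r flags < "$flags_file" || return 1
    [ $(( flags & 1 )) -eq 1 ]
}

# Prints the name of every non-loopback interface that is already up.
preconfigured_ifaces() {
    for dir in "$SYSFS_NET"/*; do
        [ -d "$dir" ] || continue          # skip plain files such as bonding_masters
        name=${dir##*/}
        [ "$name" = lo ] && continue       # loopback says nothing about LXC config
        iface_is_up "$name" && printf '%s\n' "$name"
    done
    return 0
}

# Exit status 0 means at least one interface was configured externally,
# so running udhcpc on it would be redundant.
network_already_configured() {
    [ -n "$(preconfigured_ifaces)" ]
}
```

The check only reads the administrative up flag; it does not verify that an address is assigned.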