[Kea-users] Unable to test configuration in docker - Kea always opening a raw socket?
Elton, Norman N
wnelto at wm.edu
Wed Jan 29 21:15:17 UTC 2025
We’re storing Kea configurations in GitLab, and would like to use CI/CD to validate them before pushing out to our servers. I can run “kea-dhcp4 -T <file>” in a docker container on my desktop fine, but get an “Operation Not Permitted” error when doing the same through GitLab. It appears that GitLab CI/CD runners have additional restrictions in place, including dropping the NET_RAW capability. I can reproduce the error by running docker with “--cap-drop NET_RAW”.
This all makes sense, CI/CD tasks shouldn’t be opening raw sockets. Except that we get the same error even after configuring "dhcp-socket-type": "udp". I even removed all the interfaces from the configuration ("interfaces": []) as an extra step.
It seems that kea is trying to open a raw socket no matter what. Any reason why? Any other tricks to prevent this error when testing the configuration?
Thanks!
Norman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20250129/b0552116/attachment.htm>
More information about the Kea-users
mailing list