1.b i'd like another way to do that, but not sure what a better way would
be.
1.c does lvm also fail in privileged containers? I can see no use to
running it (for now) in an unprivileged container, so the same solution
as 1.a seems reasonable.
1.d
CAP_ADMIN_READ is not a real capability. So if 1.d is fixed by that,
then something else is wrong.
Thanks, Nish. My thoughts:
1.a sounds good
1.b i'd like another way to do that, but not sure what a better way would
be.
1.c does lvm also fail in privileged containers? I can see no use to
running it (for now) in an unprivileged container, so the same solution
as 1.a seems reasonable.
1.d
CAP_ADMIN_READ is not a real capability. So if 1.d is fixed by that,
then something else is wrong.