Comment 0 for bug 2013318

Miroslav Prašil (cezz) wrote:

When running nested containers, some devices might not be populated inside the host container. This leads to runc not setting proper `DeviceAllow` options for the container scope, which leads to an inability to use some devices inside the container (like /dev/null).

In my specific scenario this led to issues running docker containers on top of a system running as an LXC container:

https://github.com/opencontainers/runc/discussions/3795

Some more details and fix in runc can be seen here:

https://github.com/opencontainers/runc/pull/3620

This was fixed in runc 1.1.5 that was released yesterday.

My specific system observing this issue is:

# lsb_release -rd
Description: Ubuntu 22.04.2 LTS
Release: 22.04

Although I believe any system using the runc 1.1.4 package is affected. My runc version:

# apt-cache policy runc
runc:
  Installed: 1.1.4-0ubuntu1~22.04.1
  Candidate: 1.1.4-0ubuntu1~22.04.1
  Version table:
 *** 1.1.4-0ubuntu1~22.04.1 500
        500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.1.0-0ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
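A way to verify the symptom described above on a running system, as an added example (not the reporter's or runc's code): read the scope's `DeviceAllow=` entries from `systemctl show` and check whether they cover a given device number such as /dev/null (char 1:3). It assumes the systemd cgroup driver, that `systemctl show -p DeviceAllow <unit>` prints one `DeviceAllow=<node-or-group> <perms>` line per entry, and that runc writes specific devices as `/dev/char/<major>:<minor>` paths; the sample outputs are constructed.

```python
"""Added example (not runc's code): does a systemd scope's DeviceAllow=
cover a device such as /dev/null (char 1:3)? Assumes the systemd driver."""
import subprocess

# Constructed `systemctl show -p DeviceAllow <scope>` output where /dev/null is missing.
SAMPLE_SHOW_OUTPUT = """\
DeviceAllow=char-pts rwm
DeviceAllow=/dev/char/1:5 rwm
DeviceAllow=/dev/char/1:7 rwm
DeviceAllow=/dev/char/5:0 rwm
"""

# Constructed /proc/devices excerpt, used to resolve char-<group> entries.
SAMPLE_PROC_DEVICES = "Character devices:\n  1 mem\n  5 /dev/tty\n136 pts\n\nBlock devices:\n  8 sd\n"

def parse_device_allow(text):
    """[(node_or_group, perms)] from `systemctl show -p DeviceAllow` output."""
    entries = []
    for line in text.splitlines():
        if line.startswith("DeviceAllow=") and line[12:].strip():
            node, _, perms = line[12:].strip().partition(" ")
            entries.append((node, perms or "rwm"))
    return entries

def parse_proc_devices(text):
    """(kind, major) -> group name, e.g. ("char", 1) -> "mem"."""
    groups, kind = {}, None
    for line in text.splitlines():
        if line.endswith("devices:"):
            kind = "char" if line.startswith("Character") else "block"
        elif kind and line.strip():
            major, name = line.split(None, 1)
            groups[(kind, int(major))] = name.strip()
    return groups

def covers(entries, groups, kind, major, minor, want="rwm"):
    """True if some entry grants all of `want` on device kind major:minor."""
    for node, perms in entries:
        if not set(want) <= set(perms):
            continue
        if node in (f"{kind}-*", f"/dev/{kind}/{major}:{minor}"):
            return True
        group = groups.get((kind, major))
        if group and node == f"{kind}-{group}":
            return True
    return False

def check_unit(unit, kind="char", major=1, minor=3):
    """Live check; e.g. check_unit("docker-<containerid>.scope") for /dev/null."""
    out = subprocess.check_output(["systemctl", "show", "-p", "DeviceAllow", unit], text=True)
    groups = parse_proc_devices(open("/proc/devices").read())
    return covers(parse_device_allow(out), groups, kind, major, minor)
```

A `False` from `check_unit` for 1:3 on a scope whose container cannot open /dev/null matches the behaviour the report describes; a plain `/dev/null` entry is not resolved here and would need a stat on the node.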