Comment 8 for bug 1655906

Well, the thing is that with the CVE patch applied, all kinds of things won't work running Docker in an unprivileged container. So even if we worked around the getPipeFds() issue, we'd still fail e.g. at setting oom-score adjust because it also tries to access files under /proc/<pid>. I think we will have to discuss an alternate approach with upstream. Until such time, a workaround is to set

lxc config set <container_name> security.privileged true

Would that be acceptable?