Docker requires "Privileged" for some operations

[treydock]

Using the Docker hypervisor support I've found that a container needs to be set with "Privileged" => true during creation or some parts of the tests will alway fail, such as creating iptables rules.

Example using centos6:centos based container

Error: Could not prefetch firewall provider 'iptables': Execution of '/sbin/iptables-save' returned 1: FATAL: Could not load /lib/modules/3.5.0-51-generic/modules.dep: No such file or directory
iptables-save v1.4.7: Cannot initialize: Permission denied (you must be root)

After applying this change, these errors are no more.

--- a/lib/beaker/hypervisor/docker.rb
+++ b/lib/beaker/hypervisor/docker.rb
@@ -32,7 +32,7 @@ module Beaker
         })

         @logger.debug("Starting container #{container.id}")
-        container.start({"PublishAllPorts" => true})
+        container.start({"PublishAllPorts" => true, "Privileged" => true})

         # Find out where the ssh port is from the container
         ip   = container.json["NetworkSettings"]["Ports"]["22/tcp"][0]["HostIp"]

Should this be a new option for the docker hypervisor, with default remaining 'false' for backwards compatibility, or would setting this 'true' be considered a bug fix?

[electrical]

This issue can be closed now its merged?

[treydock]

Yes, closing.

[hackndoes]

in what version of docker was it released?