Cannot open TUN/TAP after apt upgrade

[psyko-gh]

Hi,

My setup using PIA was working great on Ubuntu 22.04 LTS using the latest image.
I ran a apt upgrade to try and fix an issue unrelated to deluge. After reboot, my Deluge image would not start. With the following error

2024-12-04 18:05:45,744 DEBG 'start-script' stdout output:
2024-12-04 18:05:45 ERROR: Cannot open TUN/TAP dev /dev/net/tun: Operation not permitted (errno=1)
2024-12-04 18:05:45 Exiting due to fatal error

I'm running it using docker compose and manage to get it working by adding the privileged: true in my compose.yml.
I already had the following setting in my compose file:

    ...
    cap_add:
      - NET_ADMIN
    ...

It seems to not be enough anymore ?

I went down my apt log to check the before/after version and found the following:

docker-compose-plugin:amd64 (2.18.1-1~ubuntu.22.04~jammy, 2.29.7-1~ubuntu.22.04~jammy),
docker-ce-cli:amd64 (5:24.0.2-1~ubuntu.22.04~jammy, 5:27.3.1-1~ubuntu.22.04~jammy),
docker-buildx-plugin:amd64 (0.10.5-1~ubuntu.22.04~jammy, 0.17.1-1~ubuntu.22.04~jammy),
docker-ce:amd64 (5:24.0.2-1~ubuntu.22.04~jammy, 5:27.3.1-1~ubuntu.22.04~jammy),
docker-ce-rootless-extras:amd64 (5:24.0.2-1~ubuntu.22.04~jammy, 5:27.3.1-1~ubuntu.22.04~jammy),

Is it possible that some behaviour changed around the cap_add properties, making it not enough ?
Or am I looking in the wrong direction ?

Thank you,

[lcurole]

Also seeing this on Debian GNU/Linux 12

[lcurole]

Looks like an upstream change was made to containerd: containerd/containerd#11078

Adding the following to my compose.yml file for the deluge container fixed the issue:

devices:
      - /dev/net/tun:/dev/net/tun

[psyko-gh]

I confirm, add the dev/net/tun device workds, allowing me to remove the privileged: true on the container.

I guess this point need to be reflected in the readme/documentation files.

Thanks

[Biggingus]

How would I make this change on Unraid OS?
Thank you