[LXD/LXC] mknod works with Linux LTS (5.15.74) but not with Linux mainline (6.0.2)


I ran into a problem with nextcloud-aio, with nextcloud-office/collabora-online to be exact, where it wouldn’t print/export documents because it does everything for each document in an isolated rootfs for which it uses mknod to create /dev/random and /dev/urandom.
After much discussion and deliberation over here, we finally managed to conclude that security.syscalls.intercept.mknod=true, which should allow the nested containers to use mknod, works as intended with Linux LTS (5.15.74) but not with the current mainline (6.0.2).
I should point out that I’m running Arch Linux. I will try to replicate the same issue with other distros, namely Fedora, to see if it’s only limited to Arch Linux. In the meantime, if anyone else could confirm this issue, that would be great. Thanks!
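A small probe for the failure described in this thread, added here as an example; it is not part of any poster's message and is not LXD or Collabora code. It attempts mknod for the /dev/random (1:8) and /dev/urandom (1:9) character devices in a scratch directory and reports the errno; the `/tmp` location and the function name `probe_node` are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>
#include <unistd.h>

/* Create a char device node in a scratch directory, verify it, clean up.
 * Returns 0 on success, otherwise the errno of the step that failed. */
int probe_node(const char *name, unsigned maj, unsigned min)
{
    char dir[] = "/tmp/mknod-probe-XXXXXX";   /* assumed scratch location */
    char path[128];
    struct stat st;
    int rc = 0;

    if (mkdtemp(dir) == NULL)
        return errno;
    snprintf(path, sizeof path, "%s/%s", dir, name);
    if (mknod(path, S_IFCHR | 0666, makedev(maj, min)) != 0) {
        rc = errno;               /* EPERM here means mknod was refused */
    } else if (stat(path, &st) != 0) {
        rc = errno;
    } else if (!S_ISCHR(st.st_mode) || major(st.st_rdev) != maj ||
               minor(st.st_rdev) != min) {
        rc = EIO;                 /* a node exists but is not the device asked for */
    }
    unlink(path);                 /* harmless if the node was never created */
    rmdir(dir);
    return rc;
}

int main(void)
{
    /* Linux device numbers: random is 1:8, urandom is 1:9. */
    const char *names[] = { "random", "urandom" };
    int failed = 0;
    for (unsigned i = 0; i < 2; i++) {
        int rc = probe_node(names[i], 1, 8 + i);
        printf("mknod %-7s c 1 %u: %s\n", names[i], 8 + i,
               rc ? strerror(rc) : "ok");
        failed |= (rc != 0);
    }
    return failed;
}
```

Built and run inside the container on each host kernel being compared, it shows whether the mknod call itself is what fails there.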

I can confirm the problem is also present on Fedora 36 with Linux 5.19.15 (5.19.15-201.fc36.x86_64 to be exact).

Any ideas, @brauner?

Hi everyone,
Was just wondering if there are any updates on this one?