Quoting Andrey Repin (anrdae...@yandex.ru):
> Greetings, Serge Hallyn!
>
> >> >> lxc-start 1443630810.241 WARN lxc_confile -
> >> >> confile.c:config_pivotdir:1825 - lxc.pivotdir is ignored. It will soon
> >> >> become an error.
> >> >> lxc-start 1443630810.247 WARN lxc_cgmanager -
> >> >> cgmanager.c:cgm_get:993 - do_cgm_get exited with error
> >> >> lxc-start 1443630810.672 ERROR lxc_apparmor -
> >> >> lsm/apparmor.c:apparmor_process_label_set:183 - No such file or
> >> >> directory - failed to change apparmor profile to lxc-container-default
> >> >> lxc-start 1443630810.672 ERROR lxc_sync -
> >> >> sync.c:__sync_wait:51 - invalid sequence number 1. expected 4
> >> >> lxc-start 1443630810.672 ERROR lxc_start -
> >> >> start.c:__lxc_start:1172 - failed to spawn 'dc1'
> >> >> lxc-start 1443630810.672 WARN lxc_commands -
> >> >> commands.c:lxc_cmd_rsp_recv:172 - command get_init_pid failed to
> >> >> receive response
> >> >> lxc-start 1443630810.673 WARN lxc_cgmanager -
> >> >> cgmanager.c:cgm_get:993 - do_cgm_get exited with error
> >> >> lxc-start 1443630810.674 ERROR lxc_cgmanager -
> >> >> cgmanager.c:cgm_remove_cgroup:523 - call to cgmanager_remove_sync
> >> >> failed: invalid request
> >> >> lxc-start 1443630810.674 ERROR lxc_cgmanager -
> >> >> cgmanager.c:cgm_remove_cgroup:525 - Error removing all:lxc/dc1-1
> >> >> lxc-start 1443630815.678 ERROR lxc_start_ui -
> >> >> lxc_start.c:main:344 - The container failed to start.
> >> >> lxc-start 1443630815.679 ERROR lxc_start_ui -
> >> >> lxc_start.c:main:346 - To get more details, run the container in
> >> >> foreground mode.
> >> >> lxc-start 1443630815.679 ERROR lxc_start_ui -
> >> >> lxc_start.c:main:348 - Additional information can be obtained by
> >> >> setting the --logfile and --logpriority options.
> >> >>
> >> >> Anyone have ideas?
> >>
> >> > The problem is that the lxc-container-default apparmor profile isn't
> >> > loaded on your machine.
> >>
> >> > You may want to restart apparmor to see if it then loads it properly.
> >>
> >> Ok, let me ask a different question.
> >> Can anyone walk me through some basic checks on this issue?
> >> I've already tried a number of things, but I can't quite figure out, what's
> >> wrong with the host. Everything seems normal and identical to the other
> >> hosts
> >> I have.
>
> > What does 'sudo aa-status' show?
...
> 10 profiles are in enforce mode.
...
> lxc-container-default
...
> 36 processes are in enforce mode.
> /usr/bin/lxc-start (1571)
> /usr/sbin/cupsd (1047)
> /usr/sbin/mysqld (1555)
> lxc-container-default (1612)
> lxc-container-default (2488)
...
What does running the following in python3 as root show?
import lxc
c = lxc.Container("dc1-1")
c.get_config_item("lxc.aa_profile")
?
Assuming it's either '' or lxc-container-default, I think the next step
will need to be building your own package so we can add some debugging
output to apparmor_process_label_set()
-serge
_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
