On 04/22/2013 10:02 AM, Fajar A. Nugraha wrote: > On Mon, Apr 22, 2013 at 2:44 PM, David Parks <davidpark...@yahoo.com > <mailto:davidpark...@yahoo.com>> wrote: > > We’re running an app that installs some files to /run and needs to > execute a python script in that directory.____ > > __ __ > > Even the root user is denied permission to execute the script, which > tells me that LXC (presumably AppArmor) is blocking access to > running a script under /run/*____ > > __ > > > Nope. > > On my host: > tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755) > > ... which is mounted from /lib/init/fstab. noexec prevents running any > executable there. > > Now what's interesting is that my ubuntu template (0.9.0-0ubuntu2) > specifically create an empty /lib/init/fstab, so you shouldn't even have > a /run mount entry in a container. What is the content of that file on > your container? Or perhaps you manually have an entry for /run on your > container's fstab?
The Ubuntu template only clears /lib/init/fstab if you're using the trim option which most people don't and really shouldn't as it makes it a non-standard Ubuntu system and breaks updates. -- Stéphane Graber Ubuntu developer http://www.ubuntu.com
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
