Hi, It's better to enable features Flag nesting=1 for each LXC container with that error.
Please, check security conserns before changing it. If you can't do that then another alternative it to mask systemd-logind service. Hopefully it can solve the problem. Regards, kalpesh sejpal On Mon, 5 Sep, 2022, 3:30 pm , <[email protected]> wrote: > Send pve-user mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of pve-user digest..." > > > Today's Topics: > > 1. systemd-logind.service (Piviul) > 2. systemd-logind.service (Piviul) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 2 Sep 2022 09:23:31 +0200 > From: Piviul <[email protected]> > To: Proxmox VE user list <[email protected]> > Subject: [PVE-User] systemd-logind.service > Message-ID: <[email protected]> > Content-Type: text/plain; charset=UTF-8; format=flowed > > On a proxmox 6.4 environment, when a user log on to a specific LXC > container machine named unifi-controller, the logon time is very slow > and on the host logs I find: > > Sep 02 07:15:36 unifi-controller systemd[1978474]: > systemd-logind.service: Failed at step NAMESPACE spawning > /lib/systemd/systemd-logind: Permission denied > Sep 02 07:15:36 unifi-controller systemd[1978474]: > systemd-logind.service: Failed to set up mount namespacing: > /run/systemd/unit-root/proc: Permission denied > > Other LXC doesn't have any problems. Someone can help me to find the issue? > > Best regards > > Piviul > > > > > ------------------------------ > > Message: 2 > Date: Fri, 2 Sep 2022 10:26:17 +0200 > From: Piviul <[email protected]> > To: Proxmox VE user list <[email protected]> > Subject: [PVE-User] systemd-logind.service > Message-ID: <[email protected]> > Content-Type: text/plain; charset=UTF-8; format=flowed > > I add that on the proxmox node I can find the following logs: > > Sep? 2 10:22:22 pve02 kernel: [6409941.290413] audit: type=1400 > audit(1662106942.591:968): apparmor="DENIED" operation="mount" > info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>" > name="/run/systemd/unit-root/proc/" pid=3151975 comm="(d-logind)" > fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec" > Sep? 2 10:22:22 pve02 kernel: [6409941.341352] audit: type=1400 > audit(1662106942.643:969): apparmor="DENIED" operation="mount" > info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>" > name="/run/systemd/unit-root/proc/" pid=3151979 comm="(d-logind)" > fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec" > Sep? 2 10:22:22 pve02 kernel: [6409941.391871] audit: type=1400 > audit(1662106942.691:970): apparmor="DENIED" operation="mount" > info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>" > name="/run/systemd/unit-root/proc/" pid=3151983 comm="(d-logind)" > fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec" > Sep? 2 10:22:22 pve02 kernel: [6409941.442322] audit: type=1400 > audit(1662106942.743:971): apparmor="DENIED" operation="mount" > info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>" > name="/run/systemd/unit-root/proc/" pid=3151987 comm="(d-logind)" > fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec" > Sep? 2 10:22:22 pve02 kernel: [6409941.466567] audit: type=1400 > audit(1662106942.767:972): apparmor="DENIED" operation="mount" > info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>" > name="/run/systemd/unit-root/proc/" pid=3151991 comm="(d-logind)" > fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec" > > Seems an apparmor problem... furthermore seems that old LXC doesn't > suffer of this problem but if I create a new LXC it does. > > Piviul > > ------------------------------ > > On a proxmox 6.4 environment, when a user log on to a specific LXC > container machine named unifi-controller, the logon time is very slow > and on the host logs I find: > > > Sep 02 07:15:36 unifi-controller systemd[1978474]: > systemd-logind.service: Failed at step NAMESPACE spawning > /lib/systemd/systemd-logind: Permission denied > Sep 02 07:15:36 unifi-controller systemd[1978474]: > systemd-logind.service: Failed to set up mount namespacing: > /run/systemd/unit-root/proc: Permission denied > > Other LXC doesn't have any problems. Someone can help me to find the issue? > > Best regards > Paul > > > > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________PvEe-user mailing list > [email protected] > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user > > > ------------------------------ > > End ofPvEe-user Digest, Vol 174, Issue 1 > **************************************** > > _______________________________________________ pve-user mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user
