[Bug 1227313] Re: Error parsing lxc-start apparmor profile
This bug was fixed in the package lxc - 0.9.0-0ubuntu3.6 --- lxc (0.9.0-0ubuntu3.6) raring-proposed; urgency=low * Cherrypicking bugfix from upstream (LP: #1227313) - 0016-apparmor.c-drop-newline-when-reading-current-profile.patch -- Serge Hallyn serge.hal...@ubuntu.com Fri, 04 Oct 2013 09:08:38 -0500 ** Changed in: lxc (Ubuntu Raring) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
This package (0.9.0-0ubuntu3.6) fixes the bug for me. ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
Hello Andre, or anyone else affected, Accepted lxc into raring-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/lxc/0.9.0-0ubuntu3.6 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: lxc (Ubuntu Raring) Status: In Progress = Fix Committed ** Tags added: verification-needed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
1215391 is fixed now. This can now be pushed to raring-proposed, right? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
Yes, I just pushed the package. It'll build as soon as the SRU team accepts the upload. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
** Branch linked: lp:ubuntu/lxc -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
** Changed in: lxc (Ubuntu) Importance: Undecided = Medium ** Also affects: lxc (Ubuntu Raring) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
Note the medium priority is because this is an uncommon use case. There is no way around this though if you do need to do this, so perhaps it should be high priority. ** Description changed: + = + SRU Justification: + 1. Impact: cannot start containers with read-only proc + 2. Development fix: remove \n from /proc/pid/attr/current contents. + 3. Stable fix: cherrypick development fix. + 4. Test case: + a. lxc-create -t ubuntu -n u1 + b. sudo sed -i '/proc/s/nosuid/,ro/' /var/lib/lxc/u1/fstab + c. echo lxc.aa_profile = unconfined | sudo tee -a /var/lib/lxc/u1/config + d. apparmor_parser -R /etc/apparmor.d/usr.bin.lxc-start + e. sudo lxc-start -n u1 + 5. Regression potential: none, this only makes us ignore the \n at end of /proc/pid/attr/current file + = + The lxc-start package reads its apparmor profile from /proc/$PID/attr/current but does not remove the trailing newline character. When trying to run an unconfined container, this causes comparisons with the unconfined string in the source code to fail, and the apparmor profile is set, even when there's no need to do so. This, in turn, makes it impossible to run containers with a read-only /proc filesystem. Ubuntu release: Description: Ubuntu 13.04 Release: 13.04 Package being used: lxc: - Installed: 0.9.0-0ubuntu3.5 - Candidate: 0.9.0-0ubuntu3.5 - Version table: - *** 0.9.0-0ubuntu3.5 0 - 500 http://archive.ubuntu.com/ubuntu/ raring-proposed/universe amd64 Packages - 100 /var/lib/dpkg/status - 0.9.0-0ubuntu3.4 0 - 500 ftp://repos.mz.digirati.com.br/ubuntu/ raring-updates/universe amd64 Packages - 0.9.0-0ubuntu3 0 - 500 ftp://repos.mz.digirati.com.br/ubuntu/ raring/universe amd64 Packages + Installed: 0.9.0-0ubuntu3.5 + Candidate: 0.9.0-0ubuntu3.5 + Version table: + *** 0.9.0-0ubuntu3.5 0 + 500 http://archive.ubuntu.com/ubuntu/ raring-proposed/universe amd64 Packages + 100 /var/lib/dpkg/status + 0.9.0-0ubuntu3.4 0 + 500 ftp://repos.mz.digirati.com.br/ubuntu/ raring-updates/universe amd64 Packages + 0.9.0-0ubuntu3 0 + 500 ftp://repos.mz.digirati.com.br/ubuntu/ raring/universe amd64 Packages What is expected to happen: A container with a read-only /proc filesystem should start successfully. What happened instead: lxc-start fails with Read-only file system - failed to change apparmor profile to unconfined ** Changed in: lxc (Ubuntu Raring) Status: New = In Progress ** Changed in: lxc (Ubuntu Raring) Importance: Undecided = Medium ** Changed in: lxc (Ubuntu) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
(Fix pushed to saucy and to raring-proposed) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
Ah, actually pushing the fix for this bug to raring-proposed is hung on verification of bug 1215391. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
This bug was fixed in the package lxc - 1.0.0~alpha1-0ubuntu5 --- lxc (1.0.0~alpha1-0ubuntu5) saucy; urgency=low * Cherrypicking bugfix from upstream (LP: #1227313) - 0001-apparmor.c-drop-newline-when-reading-current-profile.patch -- Serge Hallyn serge.hal...@ubuntu.com Fri, 27 Sep 2013 15:14:24 -0500 ** Changed in: lxc (Ubuntu) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1227313] Re: Error parsing lxc-start apparmor profile
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxc (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1227313 Title: Error parsing lxc-start apparmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1227313/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
