*** This bug is a duplicate of bug 1350947 ***
https://bugs.launchpad.net/bugs/1350947
Unfortunately that previous commit isn't sufficient yet; I'm not sure
how it worked for me when I tested it, but bug 1350947 is in the way.
I'm making this a dupe and add an LXC task, that's easier.
** Chan
** Changed in: lxc (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1325468
Title:
[systemd] container startup fails with AppArmor
To manage notifi
Created upstream pull request: https://github.com/lxc/lxc/pull/285
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1325468
Title:
[systemd] container startup fails with AppArmor
To manage notificatio
Stéphane pointed out on IRC the other day that "in (rw, slave)" is too
lax, but that "=(rw, slave)" would be okay. I'll add that now, as this
is both really hard to discover, as well as leaves quite a lot of
garbage (mounts) behind on failures.
** Changed in: lxc (Ubuntu)
Status: Triaged =>
I just tried this, and it seems to work:
mount options in (rw, slave) -> /,
man apparmor.d should be fixed for this, as the parentheses are not contained
in the EBNF. With that, and the two
/lib/init/apparmor-profile-load calls from /etc/init/lxc.conf I can now run all
containers.
** Change
The syntax allows for spaces or commas to separate items, because people
kept using them. However list of items must be inside of parenthesis.
mount options in (rw, slave),
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.
Oh, I missed the "lxc-start: No such file or directory - failed to
change apparmor profile to lxc-container-default". I didn't run the
equivalents of /etc/init/lxc.conf. "sudo /etc/init.d/apparmor reload"
seems to have understood the new line (mount options in rw, slave,), but
when I manually run t
That makes sense.
status: confirmed
importance: high
** Changed in: lxc (Ubuntu)
Importance: Undecided => High
** Changed in: lxc (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:/
After that fix I can start containers with "lxc.aa_profile =
unconfined". With containers using the default profile I still get an
error on startup:
$ sudo lxc-start -n adt-utopic
[sudo] password for martin:
lxc-start: Device or resource busy - failed to set memory.use_hierarchy to 1;
continuing
This particular issue can be fixed in /etc/apparmor.d/abstractions/lxc
/start-container by adding a line
mount options in rw, slave,
After "sudo /etc/init.d/apparmor reload" that "Failed to make / rslave"
error is now gone. It still fails with the next error (Input/output
error - error 5 creati
10 matches
Mail list logo