*** This bug is a duplicate of bug 1350947 ***
https://bugs.launchpad.net/bugs/1350947
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: lxc (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
B
It appears that, as tyhicks pointed out, this is a dup of bug 1350947.
--
The only way I can get this to work is to add
"mount,"
to /etc/apparmor.d/abstractions/lxc/start-container
If I add something like
"mount options=slave"
"remount options=slave"
that does not suffice.
-
James, if you'd like to increase the priority of bug 1350947 please do
so.
--
hah, as pointed out in comment #4 of that bug. Marking this as a dup
** This bug has been marked a duplicate of bug 1350947
apparmor: no working rule to allow making a mount private
--
I would have assumed systemd is on neither. Since it seems to be the
same all the way since Trusty (at least).
--
Is this only happening when systemd is in the container, or when systemd
is on the host?
--
When stracing lxc-start one of the sub-processes is doing the access.
This is the strace of that sub-process.
** Attachment added: "lxc-start.strace.3131"
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1401148/+attachment/4278745/+files/lxc-start.strace.3131
--
lxc-start.strace.3093:clone(child_stack=0x7fff7fbc0290, flags=CLONE_NEWNS|CLONE_NEWUTS|CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWNET|SIGCHLD) = 3131
lxc-start.strace.3093:open("/proc/3131/ns/net", O_RDONLY) = 16
lxc-start.strace.3093:waitid(P_PID, 3131, {}, WNOHANG|WEXITED|WNOWAIT, NULL) =
--
This is the output of "apparmor_parser -p /etc/apparmor.d/usr.bin.lxc-start"
on Vivid with 3.16 kernel.
** Attachment added: "aa-parser.txt"
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1401148/+attachment/4278746/+files/aa-parser.txt
--
so I think it's some systemd handling which does that. LXC unshares the
mnt namespace which gets it a copy of the host's, then it's doing some
magic (rprivate I believe) to get things working under systemd, then
mounts what it needs, unmounts everything else and pivot_root.
lxc itself has no code
Stop the bot.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1401148
Title:
Re/starting an lxc container corrupts all network namespaces on the
same physical host
So for now I added also a task for the kernel, though the truth (if such a
thing exists) could be somewhere between. Serge, Stephane, what we probably
need to figure out is what exactly lxc-start tries to get done when slave
mounting /run/netns. And somehow it might be possible that it needs imp
Stop the bot.
** Changed in: linux (Ubuntu)
Status: Incomplete => Confirmed
--
** Also affects: linux (Ubuntu)
Importance: Undecided
Status: New
--
Can you please attach the output of
apparmor_parser -p /etc/apparmor.d/usr.bin.lxc-start
--
Hm, as a data-point. It seems for the testing one can set
/usr/bin/lxc-start to complain mode:
aa-complain /usr/bin/lxc-start
and when I did that the test netns is still usable after lxc-start.
--
I had assumed that "test-test" was a typo and saw the same result after
starting the container with "test", too. So somehow starting an lxc
container seems to have an impact on netns. Not sure whether the
apparmor message may relate which seems to trigger when lxc-start tries
to mount /run/netns.
** Tags added: landscape
--
Confirmed on vivid as well.
--
Confirmed on utopic as well.
--
sudo ip netns exec test ip addr
--
To reproduce:
sudo lxc-create --name test -t ubuntu-cloud
sudo ip netns add test
sudo ip netns exec test ip addr
1: lo: mtu 65536 qdisc noop state DOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
sudo lxc-start -d --name test
sudo ip netns exec test-tests ip addr
seti