Dang, I was afraid you might not be able to reproduce, being a race and all. I'm not sure it's possible to hand off the system as it's my primary development machine.
I think I will take a stab in trying to debug this. A quick looks shows that it is failing in this block in lsm/apparmor.c: if (aa_change_profile(label) < 0) Looking in the apparmor source code shows a few places this may fail, especially with the "No such file or directory" errno value. The call(s) in setprocattr(), particularly procattr_path(). I'm thinking that perhaps the /proc path is not really fully up before lxc_wait says that the container is in a RUNNING state. I'm using SSD's which may or may not make a difference, but they can sometimes add some races due to their fast nature. Next, I will look into what exactly lxc_wait is querying to know when it is RUNNING... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1452451 Title: failed to change apparmor profile to lxc-container-default-with- nesting To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1452451/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
