On Sun, Apr 07, 2019 at 08:37:53PM +0200, Pierre-Elliott Bécue wrote: > Le dimanche 24 février 2019 à 15:01:14+0100, intrigeri a écrit : > > Control: reassign -1 lxc > > Control: severity -1 important > > > > Hi, > > > > Pirate Praveen: > > > In dmesg inside container (same error on the host as well), so it seems > > > apparmor is blocking it. > > > > > [14760.307180] audit: type=1400 audit(1549992481.311:156): > > > apparmor="DENIED" operation="mount" info="failed flags match" error=-13 > > > profile="lxc-container-default-cgns" name="/" pid=20531 > > > comm="(s-server)" flags="rw, rslave" > > > > The lxc-container-default-cgns profile is shipped by the lxc > > package ⇒ reassigning. > > > > This looks very much like LXC bug #916639 so please retry with: > > lxc 1:3.1.0+really3.0.3-3 or newer? > > > > If that's not sufficient, you might need to set these options for > > your container: > > > > lxc.apparmor.profile = generated > > lxc.apparmor.allow_nesting = 1 > > > > (On sid, these settings are in /etc/lxc/default.conf already but I'm > > not familiar with LXC and I don't know if they'll apply to > > pre-existing containers.) > > > > Thanks in advance! > > > > Also, I'm setting severity to non-RC as it would be unfortunate to > > block the migration to testing of… the very version that likely fixes > > this bug. Once it's clarified that this is #916639, I'll fix > > the metadata. > > > > Cheers, > > Dear Praveen, > > Did you give a test at the latest LXC3 releases? > > I wonder if I can close this bug report now.
FWIW I just tested in a clean container and redis-server starts just fine.
signature.asc
Description: PGP signature
