Hi, On 27-01-2021 22:18, Valentin Vidic wrote: > On Wed, Jan 27, 2021 at 09:56:34PM +0100, Paul Gevers wrote: >> Please see: https://salsa.debian.org/-/snippets/520 Do you seen anything >> weird? > > I don't think anything would show up in the mounts on the host itself. > The problem is probably with some of the hardenings enabled in the > corosync service, for example: > > https://salsa.debian.org/ha-team/corosync/-/blob/debian/master/debian/patches/Enable-PrivateTmp-in-the-systemd-service-files.patch > > I seem to remember having this problem on my machine too were apparmor > was blocking the mount, and the solution was to add these to the config > of all containers: > > # Apparmor enable > lxc.apparmor.profile = generated > lxc.apparmor.allow_nesting = 1 > > More details in /usr/share/doc/lxc/NEWS.Debian.gz >
debian@ci-worker-ppc64el-01:~$ sudo cat /etc/lxc/default.conf # MANAGED WITH CHEF; DON'T CHANGE BY HAND lxc.net.0.type = veth lxc.net.0.link = virbr0 lxc.net.0.flags = up lxc.apparmor.profile = generated lxc.apparmor.allow_nesting = 1 Paul
OpenPGP_signature
Description: OpenPGP digital signature
