Hi!
Sorry for the delay, I didn't expect AppArmor to be enabled in the
kernel a week ago (I thought I would coordinate this with Ben)
and I was busy with the Reproducible Builds summit this week.
Thanks Felix & Antonio for being on top of things. I'm glad the
immediate RC issue was fixed.
Felix
Hi,
Antonio Terceiro:
> The workaround that works is using the setting in the container
> configuration:
> lxc.aa_profile = unconfined
> with disables apparmor entirely.
> I have just uploaded lxc 1:2.0.9-4 setting this for all containers. This
> is not the greatest solution, but it's also not
Hi,
On 02.11.2017 20:09, Evgeni Golov wrote:
> Hi,
>
> On Thu, Nov 02, 2017 at 07:09:10PM +0100, Christian Boltz wrote:
>> seeing the AppArmor denials would be helpful to get this fixed ;-)
>
> I think the issue is different.
>
> Looking at the LXC log, we see the following:
> lxc-start 2017110
Hi,
On Thu, Nov 02, 2017 at 07:09:10PM +0100, Christian Boltz wrote:
> seeing the AppArmor denials would be helpful to get this fixed ;-)
I think the issue is different.
Looking at the LXC log, we see the following:
lxc-start 20171102130036.516 ERRORlxc_apparmor -
lsm/apparmor.c:apparmor_pr
Hello,
seeing the AppArmor denials would be helpful to get this fixed ;-)
Please either
grep -i apparmor /var/log/syslog
or, if you have auditd installed, check
/var/log/audit/audit.log
For more details, see https://wiki.debian.org/AppArmor/Debug
Regards,
Christian Boltz
--
> Anyway
Control: severity -1 important
On Thu, Nov 02, 2017 at 11:04:10AM -0200, Antonio Terceiro wrote:
> On Wed, Nov 01, 2017 at 03:38:23PM +0100, Evgeni Golov wrote:
> > Ohai,
> >
> > On Wed, Nov 01, 2017 at 12:00:12PM -0200, Antonio Terceiro wrote:
> > > > lxc-start 20171101123914.655 ERROR
On Wed, Nov 01, 2017 at 03:38:23PM +0100, Evgeni Golov wrote:
> Ohai,
>
> On Wed, Nov 01, 2017 at 12:00:12PM -0200, Antonio Terceiro wrote:
> > > lxc-start 20171101123914.655 ERRORlxc_apparmor -
> > > lsm/apparmor.c:apparmor_process_label_set:220 - If you really want to
> > > start thi
On Wed, 2017-11-01 at 15:38 +0100, Evgeni Golov wrote:
> Ohai,
>
> On Wed, Nov 01, 2017 at 12:00:12PM -0200, Antonio Terceiro wrote:
> > > lxc-start 20171101123914.655 ERRORlxc_apparmor -
> > > lsm/apparmor.c:apparmor_process_label_set:220 - If you really want to
> > > start this conta
Ohai,
On Wed, Nov 01, 2017 at 12:00:12PM -0200, Antonio Terceiro wrote:
> > lxc-start 20171101123914.655 ERRORlxc_apparmor -
> > lsm/apparmor.c:apparmor_process_label_set:220 - If you really want to start
> > this container, set
> > lxc-start 20171101123914.655 ERRORlxc_appar
Control: retitle -1 lxc: cannot start container with kernel 4.13.10
On Wed, Nov 01, 2017 at 11:32:31AM -0200, Antonio Terceiro wrote:
> Package: lxc
> Version: 1:2.0.9-3
> Severity: serious
>
> I'm filing this in lxc initially as I don't know exactly where the issue
> is yet. We will probably wan
10 matches
Mail list logo
