Yes, adding security.nesting works with the lxd snap inside a lxd
container running with the lxd snap. Closing as Fix Released in this
case, thanks @stgraber for the pointer
** Changed in: snapd
Status: New => Fix Released
** Changed in: snapd (Ubuntu)
Status: New => Fix Released
-
You're trying to run a nested container without having allowed it in the
parent container's configuration.
You need to set "security.nesting" to "true" on the parent container and
restart it before this would work.
--
You received this bug notification because you are a member of Ubuntu
Bugs, wh
I should also specify - I can ssh into the lxc container and lxc fails
in the same way as with `lxc shell ...`
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1777017
Title:
snap install lxd doesn't w
This at least fails more nicely with the lxd snap:
https://pastebin.ubuntu.com/p/djwrN5nxjT/
I see the following denial in the journal:
Sep 25 18:17:24 kernel: audit: type=1400 audit(1569453444.560:27044):
apparmor="DENIED" operation="mount" info="failed flags match" error=-13
profile="lxd-holy-m
An explanation for Seth's change:
AppArmor will nest and stack within a container environment, but it
relies on the container environment to setup the correct namespacing.
>From the look of this, this is a policy issue where the apparmor policy
is not being setup correctly. In this case the polic
** Also affects: snapd (Ubuntu)
Importance: Undecided
Status: New
** Changed in: apparmor
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1777017
Title:
snap i
