[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
*** This bug is a duplicate of bug 969299 *** https://bugs.launchpad.net/bugs/969299 ** This bug has been marked a duplicate of bug 969299 apparmor prevents dpkg-divert and localedef from working in a container -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
I'm still seeing this issue; oneiric lxc container on latest precise kernel: Selecting previously deselected package ssl-cert. Unpacking ssl-cert (from .../ssl-cert_1.0.28_all.deb) ... Selecting previously deselected package postgresql-common. Unpacking postgresql-common (from .../postgresql-common_122ubuntu1_all.deb) ... Adding 'diversion of /usr/bin/pg_config to /usr/bin/pg_config.libpq-dev by postgresql-common' dpkg: unrecoverable fatal error, aborting: failed to fstat previous diversions file: No such file or directory E: Sub-process /usr/bin/dpkg returned an error code (2) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
Hi James, can you confirm that if you /etc/init.d/apparmor stop /etc/init.d/apparmor teardown it then proceeds? Interesting that it's always dpkg-divert. I wonder what it does under the covers to trigger this? ** Changed in: linux (Ubuntu) Status: Fix Released = Confirmed ** Changed in: lxc (Ubuntu) Status: Invalid = Confirmed ** Changed in: linux (Ubuntu) Importance: Medium = High -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
** Changed in: linux (Ubuntu) Status: In Progress = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
** Changed in: lxc (Ubuntu) Status: Confirmed = Invalid ** Changed in: linux (Ubuntu) Status: Confirmed = In Progress ** Changed in: linux (Ubuntu) Assignee: (unassigned) = John Johansen (jjohansen) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
** Tags added: rls-p-tracking -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
** Changed in: linux (Ubuntu) Importance: Undecided = Medium -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
** Changed in: linux (Ubuntu) Status: Incomplete = Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
@Brad, I would consider this a high priority bug. This pretty much means that containers cannot be protected by apparmor, because we can't predict when they might be - for no apparent reason - unable to access some file which they should be able to access. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
Thank you for taking the time to file a bug report on this issue. However, given the number of bugs that the Kernel Team receives during any development cycle it is impossible for us to review them all. Therefore, we occasionally resort to using automated bots to request further testing. This is such a request. We have noted that there is a newer version of the development kernel than the one you last tested when this issue was found. Please test again with the newer kernel and indicate in the bug if this issue still exists or not. You can update to the latest development kernel by simply running the following commands in a terminal window: sudo apt-get update sudo apt-get upgrade If the bug still exists, change the bug status from Incomplete to Confirmed. If the bug no longer exists, change the bug status from Incomplete to Fix Released. If you want this bot to quit automatically requesting kernel tests, add a tag named: bot-stop-nagging. Thank you for your help, we really do appreciate it. ** Changed in: linux (Ubuntu) Status: Confirmed = Incomplete ** Tags added: kernel-request-3.2.0-14.23 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
** Tags added: bot-stop-nagging -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
Thank you for taking the time to file a bug report on this issue. However, given the number of bugs that the Kernel Team receives during any development cycle it is impossible for us to review them all. Therefore, we occasionally resort to using automated bots to request further testing. This is such a request. We have noted that there is a newer version of the development kernel than the one you last tested when this issue was found. Please test again with the newer kernel and indicate in the bug if this issue still exists or not. You can update to the latest development kernel by simply running the following commands in a terminal window: sudo apt-get update sudo apt-get upgrade If the bug still exists, change the bug status from Incomplete to Confirmed. If the bug no longer exists, change the bug status from Incomplete to Fix Released. If you want this bot to quit automatically requesting kernel tests, add a tag named: bot-stop-nagging. Thank you for your help, we really do appreciate it. ** Changed in: linux (Ubuntu) Status: Confirmed = Incomplete ** Tags added: kernel-request-3.2.0-13.22 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
** Changed in: linux (Ubuntu) Status: Incomplete = Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
Correction: looks like i used '--reload' rather than '--replace' as apparmor_parser argument, and it silently failed. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
[16034.570611] type=1400 audit(1328123820.845:116): apparmor=ALLOWED operation=getattr info=Failed name lookup - deleted entry error=-2 parent=14666 profile=/usr/bin/lxc-start//lxc_container name=/var/lib/dpkg/diversions pid=14707 comm=dpkg requested_mask=r denied_mask=r fsuid=0 ouid=0 This doesn't really make sense to me. 1. the policy does not do anything with /var. 2. this message actually happened after I set the lxc-start profile to 'complain.' ** Changed in: lxc (Ubuntu) Importance: Undecided = High ** Changed in: lxc (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
type=AVC msg=audit(1328128176.535:236): apparmor=ALLOWED operation=getattr info=Failed name lookup - deleted entry error=-2 parent=25194 profile=/usr/bin/lxc-start//lxc_container name=/var/lib/dpkg/diversions pid=25229 comm=dpkg requested_mask=r denied_mask=r fsuid=0 ouid=0 type=SYSCALL msg=audit(1328128176.535:236): arch=c03e syscall=5 success=no exit=-2 a0=7 a1=7fff3b8e3ae0 a2=7fff3b8e3ae0 a3=8 items=0 ppid=467 pid=25229 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4294967295 comm=dpkg exe=/usr/bin/dpkg key=(null) So indeed it appears to be a failure in the re-attaching of the paths. ** Also affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/925024/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 925024] Re: apparmor makes it impossible to install postgresql-common on Precise
apport information ** Tags added: apport-collected running-unity ** Description changed: Repro: $ sudo lxc-create -t ubuntu -n precise -f /etc/lxc/local.conf -- -r precise -a i686 -b gary $ sudo lxc-start -n precise [log in as root] root@precise:~# apt-get install postgresql-common Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: openssl postgresql-client-common ssl-cert Suggested packages: ca-certificates openssl-blacklist The following NEW packages will be installed: openssl postgresql-client-common postgresql-common ssl-cert 0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded. Need to get 643 kB of archives. After this operation, 1618 kB of additional disk space will be used. Do you want to continue [Y/n]? Y Get:1 http://archive.ubuntu.com/ubuntu/ precise/main openssl i386 1.0.0e-3ubuntu1 [510 kB] Get:2 http://archive.ubuntu.com/ubuntu/ precise/main postgresql-client-common all 128 [25.6 kB] Get:3 http://archive.ubuntu.com/ubuntu/ precise/main ssl-cert all 1.0.28 [12.2 kB] Get:4 http://archive.ubuntu.com/ubuntu/ precise/main postgresql-common all 128 [94.9 kB] Fetched 643 kB in 1s (482 kB/s) Preconfiguring packages ... Selecting previously unselected package openssl. (Reading database ... 12500 files and directories currently installed.) Unpacking openssl (from .../openssl_1.0.0e-3ubuntu1_i386.deb) ... Selecting previously unselected package postgresql-client-common. Unpacking postgresql-client-common (from .../postgresql-client-common_128_all.deb) ... Selecting previously unselected package ssl-cert. Unpacking ssl-cert (from .../ssl-cert_1.0.28_all.deb) ... Selecting previously unselected package postgresql-common. Unpacking postgresql-common (from .../postgresql-common_128_all.deb) ... Adding 'diversion of /usr/bin/pg_config to /usr/bin/pg_config.libpq-dev by postgresql-common' dpkg: unrecoverable fatal error, aborting: failed to fstat previous diversions file: No such file or directory E: Sub-process /usr/bin/dpkg returned an error code (2) Workaround (thanks to wgrant): sudo ln -s /etc/apparmor.d/usr.bin.lxc-start /etc/apparmor.d/disable/ sudo apparmor_parser -R /etc/apparmor.d/usr.bin.lxc-start Then it should work. Ideally we'd be able to keep apparmor involved. + --- + AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24. + ApportVersion: 1.91-0ubuntu1 + Architecture: amd64 + ArecordDevices: + List of CAPTURE Hardware Devices + card 0: NVidia [HDA NVidia], device 0: Cirrus Analog [Cirrus Analog] +Subdevices: 1/1 +Subdevice #0: subdevice #0 + AudioDevicesInUse: + USERPID ACCESS COMMAND + /dev/snd/controlC0: gary 1953 F pulseaudio + CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found. + Card0.Amixer.info: + Card hw:0 'NVidia'/'HDA NVidia at 0xe748 irq 21' +Mixer name : 'Cirrus Logic CS4206' +Components : 'HDA:10134206,106b4b00,00100301' +Controls : 18 +Simple ctrls : 9 + CurrentDmesg: + Error: command ['sh', '-c', 'dmesg | comm -13 --nocheck-order /var/log/dmesg -'] failed with exit code 1: comm: /var/log/dmesg: Permission denied + dmesg: write failed: Broken pipe + DistroRelease: Ubuntu 12.04 + MachineType: Apple Inc. MacBookPro5,3 + NonfreeKernelModules: wl nvidia + Package: lxc 0.7.5-3ubuntu16 + PackageArchitecture: amd64 + ProcEnviron: + PATH=(custom, user) + SHELL=/bin/bash + ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.2.0-12-generic root=UUID=44d3af31-0b7b-42d9-a0ff-d3cfb63f282d ro quiet splash vt.handoff=7 + ProcVersionSignature: Ubuntu 3.2.0-12.21-generic 3.2.2 + Tags: precise running-unity precise running-unity + Uname: Linux 3.2.0-12-generic x86_64 + UpgradeStatus: Upgraded to precise on 2012-01-23 (9 days ago) + UserGroups: libvirtd sudo + WifiSyslog: + + dmi.bios.date: 06/15/09 + dmi.bios.vendor: Apple Inc. + dmi.bios.version: MBP53.88Z.00AC.B03.0906151647 + dmi.board.asset.tag: Base Board Asset Tag# + dmi.board.name: Mac-F22587C8 + dmi.board.vendor: Apple Inc. + dmi.chassis.asset.tag: Asset Tag# + dmi.chassis.type: 10 + dmi.chassis.vendor: Apple Inc. + dmi.chassis.version: Mac-F22587C8 + dmi.modalias: dmi:bvnAppleInc.:bvrMBP53.88Z.00AC.B03.0906151647:bd06/15/09:svnAppleInc.:pnMacBookPro5,3:pvr1.0:rvnAppleInc.:rnMac-F22587C8:rvr:cvnAppleInc.:ct10:cvrMac-F22587C8: + dmi.product.name: MacBookPro5,3 + dmi.product.version: 1.0 + dmi.sys.vendor: Apple Inc. ** Attachment added: AcpiTables.txt https://bugs.launchpad.net/bugs/925024/+attachment/2706238/+files/AcpiTables.txt -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/925024 Title: apparmor makes it impossible to install postgresql-common on Precise To manage
