Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-23 Thread hom...@163.com
OK, thanks a lot. BR. __ Michael Mao From: [1]J. R. Okajima Date: 2020-03-23 23:36 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs &quo

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-23 Thread hom...@163.com
validation. __ Michael Mao From: [1]J. R. Okajima Date: 2020-03-22 13:58 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@163.com": > I found the error in packetdump2: setattr ERROR: Ope

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-22 Thread hom...@163.com
: 2020-03-22 13:58 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@163.com": > I found the error in packetdump2: setattr ERROR: Operation not permitted I was going to write exact same thing. :-)

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
CC: [3]aufs-users Subject: Re: Re: LXC unpreviliged problem with aufs mounted on nfs ps: last packetdump1 is the tcp data of command running: useradd newuser, and got the warnning: useradd: failure while writing changes to /etc/shadow this attachment packetdump2

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
: Re: Re: LXC unpreviliged problem with aufs mounted on nfs Hi, Okajima San, Thanks. That will be easier for me to manage the aufs mount with the xino option. Yes, Problem is still there after I reboot the system. About the LSM, I just stop the AppArmor service

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Subject: Re: Re: LXC unpreviliged problem with aufs mounted on nfs Hi, Okajima San, Thanks. That will be easier for me to manage the aufs mount with the xino option. Yes, Problem is still there after I reboot the system. About the LSM, I just stop the AppArmor service

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
packet data needed? __ Michael Mao From: [1]J. R. Okajima Date: 2020-03-22 11:59 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@16

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
. __ Michael Mao From: [3]J. R. Okajima Date: 2020-03-22 11:25 To: [4]hom...@163.com CC: [5]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@163.com": > About the xino, I gave the xino

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
add each other to communicate online. BR. __ Michael Mao From: [1]J. R. Okajima Date: 2020-03-22 10:54 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
ion" pid=31683 comm="apparmor_parser" Mar 22 10:23:19 zss-node1 kernel: [62487.116326] audit: type=1400 audit(1584843799.408:379): apparmor="STATUS" operation="profile_load" label="lxd-aaa_//&:lxd-aaa_:unconfined" name="/usr/lib

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
Hi,Okajima San, Please refer to the attachment. __ Michael Mao From: [1]J. R. Okajima Date: 2020-03-22 09:17 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
it. __ Michael Mao From: [2]J. R. Okajima Date: 2020-03-21 23:20 To: [3]hom...@163.com CC: [4]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@163.com": > I have the AppArmor and Seccomp closed,

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
: Re: LXC unpreviliged problem with aufs mounted on nfs Hi, Okajima San, OK. Since I am using LXD to drive the LXC, and AppArmor is default profile for LXD driver. I need to study how to close this function in LXD

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
: 2020-03-21 22:26 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@163.com": > I run the command : useradd 1234, and got the warning: useradd: failure while writing changes to /etc/shadow >

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@163.com": > Attachments is the output in the unpreviliged container and parent server. I cannot see any error in your "strace touch newfi

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
. __ Michael Mao From: [1]J. R. Okajima Date: 2020-03-21 20:35 To: [2]hom...@163.com CC: [3]aufs-users Subject: Re: LXC unpreviliged problem with aufs mounted on nfs "hom...@163.com": > Below attached is the /var/log/kern.log and /var/log/syslog, which logs

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
81726.496:48): apparmor="STATUS" operation="profile_load" label="lxd-bbb_//&:lxd-bbb_:unconfined" name="/usr/lib/connman/scripts/dhclient-script" pid=3643 comm="apparmor_parser" Mar 21 17:15:51 zss-node1 systemd[1]: Started Session 3 of u

Re: Re: LXC unpreviliged problem with aufs mounted on nfs

2020-03-21 Thread hom...@163.com
1726.496:48): apparmor="STATUS" operation="profile_load" label="lxd-bbb_//&:lxd-bbb_:unconfined" name="/usr/lib/connman/scripts/dhclient-script" pid=3643 comm="apparmor_parser" Mar 21 17:15:51 zss-node1 systemd[1]: Started Session 3 of user root. Mar 21