On Wednesday 2010-05-05 01:28, Hans-Peter Jansen wrote: >Dear Junjiro, > >I'm using aufs2-standalone for diverse openSUSE diskless setups, but the >latest release freezes on boot. For some reason related to the diskless >setup, where I use a project called kiwi, it's much easier to use the >standalone version, than intergrating it into the kernel itself, as that >would need a full rpm kernel rebuild for any aufs change. > >The reason for trying the current release is an uglier issue with openSUSE >11.2, that is related to aufs and apparmor (again), as it does not happen >with a native install.
I have a working 11.2 with aufs and 2.6.33 (- see my repo), including mkinitrd integration. I'll check what apparmor reports.. >Even stranger, all affected processes have their own profile >in /etc/apparmor.d: /bin/ping, /sbin/klogd, and /usr/sbin/ntpd. > >It looks like apparmor gets to the underlying pathes (below aufs) somehow, >and consequently blocks access to essential files, as it sees them >relocated (note name= entries below from /var/log/audit/audit.log: > >type=APPARMOR_DENIED msg=audit(1272987702.188:11): operation="open" pid=3269 >parent=3268 profile="/usr/sbin/ntpd" requested_mask="r::" denied_mask="r::" >fsuid=0 ouid=0 name="/read-only/etc/ld.so.cache" >type=APPARMOR_DENIED msg=audit(1272987702.188:12): operation="open" pid=3269 >parent=3268 profile="/usr/sbin/ntpd" requested_mask="r::" denied_mask="r::" >fsuid=0 ouid=0 name="/read-only/lib/libm-2.10.1.so" > ------------------------------------------------------------------------------
