On Tue, May 8, 2012 at 12:40 PM, Fajar A. Nugraha <l...@fajar.net> wrote: > On Tue, May 8, 2012 at 12:28 PM, Serge Hallyn > <serge.hal...@canonical.com> wrote:
>>> Also, a quick test on my setup (ubuntu precise amd64, >>> linux-image-3.2.0-24-generic 3.2.0-24.37, lxc 0.7.5-3ubuntu53) shows >>> freshly created container from templates (e.g. lxc-create -t ..., >>> tested with sshd and ubuntu templates) will fail to start with the >>> same error message that Xavier mentioned: >>> >>> lxc-start: No such file or directory - failed to change apparmor >>> profile to lxc-container-default >> >> I don't get that problem. Is your host a stock precise image? > > yes. I think I found the problem. Depending on what you meant by "stock precise image", then my host might not be one, since it's not installed using the live cd installer. It was created using debootstrap, and later "apt-get install ubuntu-desktop lxc". The problem with that approach is: - the default lxc guest container setup created using templates will try to change apparmor profile to lxc-container-default. That operation apparently requires apparmor package to be installed - neither ubuntu-desktop, lxc, or the packages it depends on has any dependecy for apparmor. lxc only depends on libapparmor1, which apparently is not enough - using "lxc.aa_profile = unconfined" removes the need to change apparmor profile, thus removes the need for apparmor package So I'm guessing the correct fix would be to either: - include apparmor as dependecy for lxc, OR - use "lxc.aa_profile = unconfined" uncommented by default for template-created containers. -- Fajar ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users