Hey, In a container I'm running some Apache/PHP service (in this case LibreNMS). This service is causing an annoying error in /var/log/syslog which I get to see in logwatch. The error message is triggered by a remount done by phpsessionclean, I think.
Here is a sample of the syslog message Jul 3 06:39:01 maas kernel: [4912175.444878] audit: type=1400 audit(1562128741.931:85397): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-librenms_</var/lib/lxd>" name="/home/" pid=2336 comm="(ionclean)" flags="ro, nosuid, nodev, remount, bind" The same issue was discussed before [1]. At the time it was reported for LXD 3.0.1. Stephane replied with "Looks like a process inside one of your containers is trying to remount /bin read-only, possibly just in a private namespace. That’s currently not allowed by the apparmor policy in LXD 3.0.1 which you’re using. I believe we have actually refreshed that very bit of policy so LXD 3.0.2 (once released) should silence this and also unblock whatever that process is trying to do." Today, I'm running LXD 3.0.3 and the error is still there. How can I suppress this error? [1] https://discuss.linuxcontainers.org/t/apparmor-denied-operation-mount/2424 -- Kees
_______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
