[Touch-packages] [Bug 1607096] Re: lxc-container-default-with-mounting profile systemd permission denied
** Description changed: On a fresh install of Xenial just install lxc. Run typical lxc init setup. lxc-create any Ubuntu version (Trusty/Wily/Xenial tested) container and configure it to use the lxc-container-default-with- mounting. No further configuration needed. Start the container. You will find in dmesg errors concerning problems mounting things in /sys/... [10870.395952] audit: type=1400 audit(1469484639.890:94): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/sys/fs/cgroup/systemd/" pid=14796 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec" The container will appear start and you can attach, but its broken. Things like networking won't work. You cannot lxc-stop the container without -k. Starting the container in foreground mode leads to the following error. Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission Denied [!] Failed to mount API fileysystems, freezing. Freezing execution. I found defect https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020 concerning Trusty. The issue seems similar but not specially calling out the aa profile. Also, I cannot actually recreate this problem in Trusty. + + (UPDATE: Forgot to mention I have 2 additional conf lines as follows) + lxc.cgroup.devices.allow = b 7:* rwm + lxc.cgroup.devices.allow = c 10:237 rwm -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1607096 Title: lxc-container-default-with-mounting profile systemd permission denied Status in lxc package in Ubuntu: New Bug description: On a fresh install of Xenial just install lxc. Run typical lxc init setup. lxc-create any Ubuntu version (Trusty/Wily/Xenial tested) container and configure it to use the lxc-container-default-with- mounting. No further configuration needed. Start the container. You will find in dmesg errors concerning problems mounting things in /sys/... [10870.395952] audit: type=1400 audit(1469484639.890:94): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/sys/fs/cgroup/systemd/" pid=14796 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec" The container will appear start and you can attach, but its broken. Things like networking won't work. You cannot lxc-stop the container without -k. Starting the container in foreground mode leads to the following error. Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission Denied [!] Failed to mount API fileysystems, freezing. Freezing execution. I found defect https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020 concerning Trusty. The issue seems similar but not specially calling out the aa profile. Also, I cannot actually recreate this problem in Trusty. (UPDATE: Forgot to mention I have 2 additional conf lines as follows) lxc.cgroup.devices.allow = b 7:* rwm lxc.cgroup.devices.allow = c 10:237 rwm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1607096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1607096] Re: lxc-container-default-with-mounting profile systemd permission denied
** Description changed: On a fresh install of Xenial just install lxc. Run typical lxc init setup. lxc-create any Ubuntu version (Trusty/Wily/Xenial tested) container and configure it to use the lxc-container-default-with- mounting. No further configuration needed. Start the container. You will find in dmesg errors concerning problems mounting things in /sys/... [10870.395952] audit: type=1400 audit(1469484639.890:94): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/sys/fs/cgroup/systemd/" pid=14796 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec" - The container will appear to start and you can attach, but its broken. + The container will appear start and you can attach, but its broken. Things like networking won't work. You cannot lxc-stop the container without -k. Starting the container in foreground mode leads to the following error. Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission Denied [!] Failed to mount API fileysystems, freezing. Freezing execution. I found defect https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020 concerning - Trusty. The issue seems very similiar but not specially calling out the - aa profile. Also, I cannot actually recreate this problem in Trusty. + Trusty. The issue seems similar but not specially calling out the aa + profile. Also, I cannot actually recreate this problem in Trusty. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1607096 Title: lxc-container-default-with-mounting profile systemd permission denied Status in lxc package in Ubuntu: New Bug description: On a fresh install of Xenial just install lxc. Run typical lxc init setup. lxc-create any Ubuntu version (Trusty/Wily/Xenial tested) container and configure it to use the lxc-container-default-with- mounting. No further configuration needed. Start the container. You will find in dmesg errors concerning problems mounting things in /sys/... [10870.395952] audit: type=1400 audit(1469484639.890:94): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/sys/fs/cgroup/systemd/" pid=14796 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec" The container will appear start and you can attach, but its broken. Things like networking won't work. You cannot lxc-stop the container without -k. Starting the container in foreground mode leads to the following error. Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission Denied [!] Failed to mount API fileysystems, freezing. Freezing execution. I found defect https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020 concerning Trusty. The issue seems similar but not specially calling out the aa profile. Also, I cannot actually recreate this problem in Trusty. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1607096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1607096] [NEW] lxc-container-default-with-mounting profile systemd permission denied
Public bug reported: On a fresh install of Xenial just install lxc. Run typical lxc init setup. lxc-create any Ubuntu version (Trusty/Wily/Xenial tested) container and configure it to use the lxc-container-default-with- mounting. No further configuration needed. Start the container. You will find in dmesg errors concerning problems mounting things in /sys/... [10870.395952] audit: type=1400 audit(1469484639.890:94): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/sys/fs/cgroup/systemd/" pid=14796 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec" The container will appear to start and you can attach, but its broken. Things like networking won't work. You cannot lxc-stop the container without -k. Starting the container in foreground mode leads to the following error. Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission Denied [!] Failed to mount API fileysystems, freezing. Freezing execution. I found defect https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020 concerning Trusty. The issue seems very similiar but not specially calling out the aa profile. Also, I cannot actually recreate this problem in Trusty. ** Affects: lxc (Ubuntu) Importance: Undecided Status: New ** Description changed: On a fresh install of Xenial just install lxc. Run typical lxc init setup. lxc-create any Ubuntu version (Trusty/Wily/Xenial tested) - container and configure it to use the lxc-container-with-mounting. No - further configuration needed. Start the container. You will find in - dmesg errors concerning problems mounting things in /sys/... + container and configure it to use the lxc-container-default-with- + mounting. No further configuration needed. Start the container. You will + find in dmesg errors concerning problems mounting things in /sys/... [10870.395952] audit: type=1400 audit(1469484639.890:94): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/sys/fs/cgroup/systemd/" pid=14796 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec" The container will appear start and you can attach, but its broken. Things like networking won't work. You cannot lxc-stop the container without -k. Starting the container in foreground mode leads to the following error. Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission Denied [!] Failed to mount API fileysystems, freezing. Freezing execution. I found defect https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020 concerning Trusty. The issue seems very similiar but not specially calling out the aa profile. However, I cannot actually recreate this problem in Trusty. ** Description changed: On a fresh install of Xenial just install lxc. Run typical lxc init setup. lxc-create any Ubuntu version (Trusty/Wily/Xenial tested) container and configure it to use the lxc-container-default-with- mounting. No further configuration needed. Start the container. You will find in dmesg errors concerning problems mounting things in /sys/... [10870.395952] audit: type=1400 audit(1469484639.890:94): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/sys/fs/cgroup/systemd/" pid=14796 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec" The container will appear start and you can attach, but its broken. Things like networking won't work. You cannot lxc-stop the container without -k. Starting the container in foreground mode leads to the following error. Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission Denied [!] Failed to mount API fileysystems, freezing. Freezing execution. I found defect https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020 concerning Trusty. The issue seems very similiar but not specially calling out the - aa profile. However, I cannot actually recreate this problem in Trusty. + aa profile. Also, I cannot actually recreate this problem in Trusty. ** Description changed: On a fresh install of Xenial just install lxc. Run typical lxc init setup. lxc-create any Ubuntu version (Trusty/Wily/Xenial tested) container and configure it to use the lxc-container-default-with- mounting. No further configuration needed. Start the container. You will find in dmesg errors concerning problems mounting things in /sys/... [10870.395952] audit: type=1400 audit(1469484639.890:94): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/sys/fs/cgroup/systemd/" pid=14796 comm="systemd" fstype="cgroup" srcname="cgroup" flags="rw, nosuid, nodev, noexec" - The container will appear start and you can attach, but its broken. + The co
