I noticed this crash 4 times today. To recreate, I ran the following
commands (almost always in this order):

5.11.0-41-generic | 20.04.1-Ubuntu | x86_64 | x86_64 | x86_64

$ sudo lxc-ls
$ sudo lxc-start -n test
$ sudo lxc-ls -f
$ sudo lxc-console -n test
$ sudo lxc-stop test
$ sudo lxc-ls -f
$ sudo lxc-ls -f

syslog:
Dec  1 19:09:53 ThinkPad kernel: [ 4503.306174] kauditd_printk_skb: 24 callbacks suppressed
Dec  1 19:09:53 ThinkPad kernel: [ 4503.306177] audit: type=1400 audit(1638365993.337:184): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default-cgns" name="/" pid=22258 comm="mount" flags="rw, remount"
Dec  1 19:09:53 ThinkPad kernel: [ 4503.325009] audit: type=1400 audit(1638365993.357:185): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default-cgns" name="/snap/" pid=22277 comm="mount" flags="rw, shared"
Dec  1 19:09:53 ThinkPad kernel: [ 4503.325689] audit: type=1400 audit(1638365993.357:186): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default-cgns" name="/" pid=22278 comm="(md-udevd)" flags="rw, rslave"
Dec  1 19:09:56 ThinkPad kernel: [ 4506.767508] audit: type=1400 audit(1638365996.801:187): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default-cgns" name="/" pid=22302 comm="(md-udevd)" flags="rw, rslave"
Dec  1 19:10:40 ThinkPad kernel: [ 4550.606075] lxcbr0: port 1(vethEY9smt) entered disabled state
Dec  1 19:10:40 ThinkPad kernel: [ 4550.607657] device vethEY9smt left promiscuous mode
Dec  1 19:10:40 ThinkPad kernel: [ 4550.607661] lxcbr0: port 1(vethEY9smt) entered disabled state
Dec  1 19:11:09 ThinkPad kernel: [ 4579.319750] systemd[22860]: NetworkManager-dispatcher.service: Failed to connect stdout to the journal socket, ignoring: Connection refused
Dec  1 19:12:09 ThinkPad kernel: [ 4639.237516] fbcon: Taking over console
Dec  1 19:12:09 ThinkPad kernel: [ 4639.243508] Console: switching to colour frame buffer device 240x67
Dec  1 19:12:09 ThinkPad kernel: [ 4639.522393] systemd[23043]: user-runtime-dir@125.service: Failed to connect stdout to the journal socket, ignoring: Connection refused
Dec  1 19:12:09 ThinkPad kernel: [ 4639.558561] systemd[23062]: user@125.service: Failed to connect stdout to the journal socket, ignoring: Connection refused


apport.log:
ERROR: apport (pid 22986) Wed Dec  1 19:12:08 2021: called for pid 916, signal 6, core limit 0, dump mode 1
ERROR: apport (pid 22986) Wed Dec  1 19:12:08 2021: executable: /usr/lib/systemd/systemd-timesyncd (command line "/lib/systemd/systemd-timesyncd")
ERROR: apport (pid 22986) Wed Dec  1 19:12:08 2021: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 22986) Wed Dec  1 19:12:08 2021: apport: report /var/crash/_usr_lib_systemd_systemd-timesyncd.102.crash already exists and unseen, doing nothing to avoid disk usage DoS
ERROR: apport (pid 22992) Wed Dec  1 19:12:09 2021: called for pid 1007, signal 6, core limit 0, dump mode 1
ERROR: apport (pid 22992) Wed Dec  1 19:12:09 2021: executable: /usr/lib/systemd/systemd-logind (command line "/lib/systemd/systemd-logind")
ERROR: apport (pid 22992) Wed Dec  1 19:12:09 2021: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 22992) Wed Dec  1 19:12:09 2021: apport: report /var/crash/_usr_lib_systemd_systemd-logind.0.crash already exists and unseen, doing nothing to avoid disk usage DoS
ERROR: apport (pid 23289) Wed Dec  1 19:12:42 2021: called for pid 915, signal 6, core limit 0, dump mode 1
ERROR: apport (pid 23289) Wed Dec  1 19:12:42 2021: executable: /usr/lib/systemd/systemd-resolved (command line "/lib/systemd/systemd-resolved")
ERROR: apport (pid 23289) Wed Dec  1 19:12:42 2021: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 23289) Wed Dec  1 19:12:42 2021: apport: report /var/crash/_usr_lib_systemd_systemd-resolved.101.crash already exists and unseen, doing nothing to avoid disk usage DoS
ERROR: apport (pid 23299) Wed Dec  1 19:12:53 2021: called for pid 658, signal 6, core limit 0, dump mode 1
ERROR: apport (pid 23299) Wed Dec  1 19:12:53 2021: executable: /usr/lib/systemd/systemd-udevd (command line "/lib/systemd/systemd-udevd")
ERROR: apport (pid 23299) Wed Dec  1 19:12:53 2021: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 23299) Wed Dec  1 19:12:53 2021: apport: report /var/crash/_usr_lib_systemd_systemd-udevd.0.crash already exists and unseen, doing nothing to avoid disk usage DoS

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1811248

Title:
  systemd--networkd mounts denied for lxc guest

Status in apparmor package in Ubuntu:
  Confirmed

Bug description:
  Host Ubuntu cosmic | lxc 3.0.3 | aa 2.12 | systemd 239-7
  Guest Arch Linux | systemd 240.0

  After having upgraded in the guest systemd from 239.370 to 240.0 the
  host's AA is exhibiting

  > audit: type=1400 audit(1547125168.853:722): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default-cgns" name="/" pid=8426 comm="(networkd)" flags="rw, rslave"

  and the guest

  > systemd-networkd.service: Failed to set up mount namespacing: Permission denied
  > systemd-networkd.service: Failed at step NAMESPACE spawning /usr/lib/systemd/systemd-networkd: Permission denied

  According to lxc bug tracker https://github.com/lxc/lxc/issues/2778

  > While we'd like to allow such mounts we cannot do so until the
  apparmor_parser is fixed to handle them correctly.

  other cross references

  https://github.com/systemd/systemd/issues/11371
  https://bugs.archlinux.org/task/61313
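
A triage helper for the denials quoted in this report, as an added example that is not part of the original message or of LXC/AppArmor: it rejoins hard-wrapped syslog records and counts denied mount operations per profile, command, mount point and flags. The function names are hypothetical; the sample lines come from the syslog excerpt in this report, hard-wrapped the way list mail delivers them.

```python
import re
from collections import Counter

# Sample input: syslog records from this report, hard-wrapped as in the list mail.
SAMPLE = "\n".join([
    'Dec  1 19:09:53 ThinkPad kernel: [ 4503.306177] audit: type=1400',
    'audit(1638365993.337:184): apparmor="DENIED" operation="mount" info="failed',
    'flags match" error=-13 profile="lxc-container-default-cgns" name="/" pid=22258',
    'comm="mount" flags="rw, remount"',
    'Dec  1 19:09:53 ThinkPad kernel: [ 4503.325689] audit: type=1400',
    'audit(1638365993.357:186): apparmor="DENIED" operation="mount" info="failed',
    'flags match" error=-13 profile="lxc-container-default-cgns" name="/" pid=22278',
    'comm="(md-udevd)" flags="rw, rslave"',
    'Dec  1 19:09:56 ThinkPad kernel: [ 4506.767508] audit: type=1400',
    'audit(1638365996.801:187): apparmor="DENIED" operation="mount" info="failed',
    'flags match" error=-13 profile="lxc-container-default-cgns" name="/" pid=22302',
    'comm="(md-udevd)" flags="rw, rslave"',
    'Dec  1 19:10:40 ThinkPad kernel: [ 4550.607657] device vethEY9smt left',
    'promiscuous mode',
])

RECORD_START = re.compile(r"^[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d ")
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def unfold(text):
    """Rejoin wrapped records; assumes wraps fell on spaces (true for the lines above)."""
    records = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if RECORD_START.match(line) or not records:
            records.append(line)          # a syslog timestamp starts a new record
        else:
            records[-1] += " " + line     # anything else continues the previous one
    return records

def parse_denial(record):
    """Return the key=value fields of an AppArmor DENIED record, else None."""
    fields = {k: q if q else b for k, q, b in FIELD.findall(record)}
    return fields if fields.get("apparmor") == "DENIED" else None

def summarize_mount_denials(text):
    """Count denied mount operations per (profile, comm, name, flags)."""
    counts = Counter()
    for rec in unfold(text):
        d = parse_denial(rec)
        if d and d.get("operation") == "mount":
            counts[(d["profile"], d.get("comm"), d.get("name"), d.get("flags"))] += 1
    return counts
```

Calling `summarize_mount_denials(SAMPLE).most_common()` lists the most frequent denied mount first, which shows which command and flag combination the profile is rejecting.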
