There's nothing particularly safe for us to do here out of the box.
Using an alternative profile or appending to the profile (in LXD's case) is
your best bet.
** Changed in: lxc (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of
@Justin: The second entry isn't ignored, it will be used when the
container starts. Though as Christian said, you do need to restart the
container for this to apply.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
stgraber@dakara:~$ lxc launch ubuntu:16.04 nfs -c security.privileged=true -c
raw.lxc=lxc.aa_profile=unconfined
Creating nfs
Starting nfs
stgraber@dakara:~$ lxc exec nfs bash
root@nfs:~# apt install nfs-kernel-server
Reading package lists... Done
Building dependency tree
Reading state
I used this in the past:
lxc config set raw.lxc lxc.aa_profile=unconfined
I can confirm that after this the conf contains both lines as you
outlined, but for me it worked to unconfine it. I had to restart the
container to pick up the new profile thou - so maybe that applies to you
as well?
--
My appologies if I'm missing something, but I cannot get the raw.lxc
setting to work for lxc.aa_profile=unconfined. I've tried setting it but
it doesn't seem to take. The .conf file that gets generated in
/var/log/lxd///&:lxd-factual-shrew_:
lxc.aa_profile=unconfined
It appears that the second
** Changed in: lxc (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1575757
Title:
Can't install kernel-nfs-server inside lxc container
To manage
Anders, the LXD equivalent is setting the raw.lxc key to
"lxc.aa_profile=unconfined".
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1575757
Title:
Can't install kernel-nfs-server inside lxc
I'm also troubled by this issue, but on LXD/LXC 2.0 (Ubuntu 16.04) but I have
no idea on how to add those config keys, when doing lxc config edit
and adding the keys I get:
Config parsing error: Bad key: lxc.aa_profile
--
You received this bug notification because you are a member of Ubuntu
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: lxc (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1575757
Title:
Can't
https://help.ubuntu.com/lts/serverguide/lxc.html did provide a workaround: in
the section on nesting, it mentioned
that enabling nesting allowed all sorts of mounts. So I added
lxc.mount.auto = cgroup
lxc.aa_profile = lxc-container-default-with-nesting
to the container's config file, restarted
10 matches
Mail list logo
