[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
There's nothing particularly safe for us to do here out of the box. Using an alternative profile or appending to the profile (in LXD's case) is your best bet. ** Changed in: lxc (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
@Justin: The second entry isn't ignored, it will be used when the container starts. Though as Christian said, you do need to restart the container for this to apply. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
stgraber@dakara:~$ lxc launch ubuntu:16.04 nfs -c security.privileged=true -c raw.lxc=lxc.aa_profile=unconfined Creating nfs Starting nfs stgraber@dakara:~$ lxc exec nfs bash root@nfs:~# apt install nfs-kernel-server Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: keyutils libnfsidmap2 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib libtirpc1 nfs-common python python-minimal python2.7 python2.7-minimal rpcbind Suggested packages: watchdog python-doc python-tk python2.7-doc binutils binfmt-support The following NEW packages will be installed: keyutils libnfsidmap2 libpython-stdlib libpython2.7-minimal libpython2.7-stdlib libtirpc1 nfs-common nfs-kernel-server python python-minimal python2.7 python2.7-minimal rpcbind 0 upgraded, 13 newly installed, 0 to remove and 0 not upgraded. Need to get 4383 kB of archives. After this operation, 18.5 MB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libnfsidmap2 amd64 0.25-5 [32.2 kB] Get:2 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libpython2.7-minimal amd64 2.7.12-1ubuntu0~16.04.1 [339 kB] Get:3 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python2.7-minimal amd64 2.7.12-1ubuntu0~16.04.1 [1295 kB] Get:4 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 python-minimal amd64 2.7.11-1 [28.2 kB] Get:5 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 libpython2.7-stdlib amd64 2.7.12-1ubuntu0~16.04.1 [1884 kB] Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 python2.7 amd64 2.7.12-1ubuntu0~16.04.1 [224 kB] Get:7 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libpython-stdlib amd64 2.7.11-1 [7656 B] Get:8 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 python amd64 2.7.11-1 [137 kB] Get:9 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libtirpc1 amd64 0.2.5-1 [75.6 kB] Get:10 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 keyutils amd64 1.5.9-8ubuntu1 [47.1 kB] Get:11 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 rpcbind amd64 0.2.3-0.2 [40.3 kB] Get:12 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 nfs-common amd64 1:1.2.8-9ubuntu12 [185 kB] Get:13 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 nfs-kernel-server amd64 1:1.2.8-9ubuntu12 [88.0 kB] Fetched 4383 kB in 1s (3169 kB/s) Selecting previously unselected package libnfsidmap2:amd64. (Reading database ... 25465 files and directories currently installed.) Preparing to unpack .../libnfsidmap2_0.25-5_amd64.deb ... Unpacking libnfsidmap2:amd64 (0.25-5) ... Selecting previously unselected package libpython2.7-minimal:amd64. Preparing to unpack .../libpython2.7-minimal_2.7.12-1ubuntu0~16.04.1_amd64.deb ... Unpacking libpython2.7-minimal:amd64 (2.7.12-1ubuntu0~16.04.1) ... Selecting previously unselected package python2.7-minimal. Preparing to unpack .../python2.7-minimal_2.7.12-1ubuntu0~16.04.1_amd64.deb ... Unpacking python2.7-minimal (2.7.12-1ubuntu0~16.04.1) ... Selecting previously unselected package python-minimal. Preparing to unpack .../python-minimal_2.7.11-1_amd64.deb ... Unpacking python-minimal (2.7.11-1) ... Selecting previously unselected package libpython2.7-stdlib:amd64. Preparing to unpack .../libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.1_amd64.deb ... Unpacking libpython2.7-stdlib:amd64 (2.7.12-1ubuntu0~16.04.1) ... Selecting previously unselected package python2.7. Preparing to unpack .../python2.7_2.7.12-1ubuntu0~16.04.1_amd64.deb ... Unpacking python2.7 (2.7.12-1ubuntu0~16.04.1) ... Selecting previously unselected package libpython-stdlib:amd64. Preparing to unpack .../libpython-stdlib_2.7.11-1_amd64.deb ... Unpacking libpython-stdlib:amd64 (2.7.11-1) ... Processing triggers for man-db (2.7.5-1) ... Processing triggers for mime-support (3.59ubuntu1) ... Setting up libpython2.7-minimal:amd64 (2.7.12-1ubuntu0~16.04.1) ... Setting up python2.7-minimal (2.7.12-1ubuntu0~16.04.1) ... Linking and byte-compiling packages for runtime python2.7... Setting up python-minimal (2.7.11-1) ... Selecting previously unselected package python. (Reading database ... 26221 files and directories currently installed.) Preparing to unpack .../python_2.7.11-1_amd64.deb ... Unpacking python (2.7.11-1) ... Selecting previously unselected package libtirpc1:amd64. Preparing to unpack .../libtirpc1_0.2.5-1_amd64.deb ... Unpacking libtirpc1:amd64 (0.2.5-1) ... Selecting previously unselected package keyutils. Preparing to unpack .../keyutils_1.5.9-8ubuntu1_amd64.deb ... Unpacking keyutils (1.5.9-8ubuntu1) ... Selecting previously unselected package rpcbind. Preparing to unpack .../rpcbind_0.2.3-0.2_amd64.deb ... Unpacking rpcbind (0.2.3-0.2) ... Selecting previously unselected package nfs-common. Preparing to unpack .../nfs-common_1%3a1.2.8-9ubuntu12_amd64.deb ... Unpacking nfs-common (1:1.2.8-9ubuntu12) ...
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
I used this in the past: lxc config set raw.lxc lxc.aa_profile=unconfined I can confirm that after this the conf contains both lines as you outlined, but for me it worked to unconfine it. I had to restart the container to pick up the new profile thou - so maybe that applies to you as well? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
My appologies if I'm missing something, but I cannot get the raw.lxc setting to work for lxc.aa_profile=unconfined. I've tried setting it but it doesn't seem to take. The .conf file that gets generated in /var/log/lxd///&:lxd-factual-shrew_: lxc.aa_profile=unconfined It appears that the second entry is ignored. Is this expected? Is there a way to work around the first lxc.aa_profile setting being created? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
** Changed in: lxc (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
Anders, the LXD equivalent is setting the raw.lxc key to "lxc.aa_profile=unconfined". -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
I'm also troubled by this issue, but on LXD/LXC 2.0 (Ubuntu 16.04) but I have no idea on how to add those config keys, when doing lxc config edit and adding the keys I get: Config parsing error: Bad key: lxc.aa_profile -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxc (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1575757] Re: Can't install kernel-nfs-server inside lxc container
https://help.ubuntu.com/lts/serverguide/lxc.html did provide a workaround: in the section on nesting, it mentioned that enabling nesting allowed all sorts of mounts. So I added lxc.mount.auto = cgroup lxc.aa_profile = lxc-container-default-with-nesting to the container's config file, restarted the container, and was then able to install the package. So consider this a minor doc enhancement request. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1575757 Title: Can't install kernel-nfs-server inside lxc container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1575757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
