Hi,
It's been 18 months since I reported this bug.
Sorry for the slow response to your question, but it did come about a year 
after I raised the issue.

This was detected on Ubuntu Server 14.04 LTS.
I am no longer able to tell you which kernel was being run at the time.

I suspect it's still likely to be a problem on the 14.4 LTS; however, we
moved to 16.04 LTS this year and haven't heard any more complaints from
our team. We're also mostly using Docker now rather than LXC.

So... problem probably still exists, but I guess no-one really cares any
more.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1428490

Title:
  AppArmor vs unix socket inside LXC containers

Status in lxc package in Ubuntu:
  New

Bug description:
  I know this seems like an odd bug, but I've spent all day chasing it
  down.

  I was seeing problems with LDAP lookups inside an LXC container, and
  strace on getent lookups was showing that attempts to read from
  /var/run/nslcd/socket were being closed as -1 (EACCES).

  That file/UNIX socket is owned by nslcd, also running inside the LXC.

  Back on the host machine, setting the LXC config to set lxc.aa_profile
  = unconfined (and restarting the container) then allowed that socket
  to start working freely.

  This seems weird, as there's all sorts of other things using UNIX
  sockets inside containers that still function normally, but I thought
  I'd mention it, especially in case anyone hits this issue.
