Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: apparmor (Ubuntu)
       Status: New => Confirmed

You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.

  systemd--networkd mounts denied for lxc guest

Status in apparmor package in Ubuntu:

Bug description:
  Host unbuntu cosmic | lxc 3.0.3 | aa 2.12 | systemd 239-7
  Guest Arch Linux | systemd 240.0

  After having upgraded in the guest systemd from 239.370 to 240.0 the
  host's AA is exhibiting

  > audit: type=1400 audit(1547125168.853:722): apparmor="DENIED"
  operation="mount" info="failed flags match" error=-13 profile="lxc-
  container-default-cgns" name="/" pid=8426 comm="(networkd)" flags="rw,

  and the guest

  > systemd-networkd.service: Failed to set up mount namespacing: Permission 
  > systemd-networkd.service: Failed at step NAMESPACE spawning 
/usr/lib/systemd/systemd-networkd: Permission denied

  According to lxc bug tracker

  > While we'd like to allow such mounts we cannot do so until the
  apparmor_parser is fixed to handle them correctly.

  other cross references

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to