Quoting Iain Lane (i...@orangesquash.org.uk):
> On Thu, Nov 07, 2013 at 03:20:29PM -0000, Serge Hallyn wrote:
> > Quoting Iain Lane (i...@orangesquash.org.uk):
> > > I get this (newly?) when trying to update within sbuild within lxc
> > > 
> > > [ 1927.282880] type=1400 audit(1383816970.374:86): apparmor="DENIED"
> > > operation="getattr" info="Failed name lookup - deleted entry" error=-2
> > > parent=11717 profile="/usr/bin/lxc-start" name="/var/lib/schroot/mount
> > 
> > lxc-start -> that is not the profile you should be under.
> > 
> > Is this by chance a 3.12 kernel?
> 
> Sure is. 3.12.0-1-generic

The fix for that should be in the trusty kernel I believe mid-next week.

Would you mind opening a new bug against lxc saying that if the
container is in profile lxc-start, and apparmor support is lacking,
it must run unconfined or refuse to run?

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/969299

Title:
  apparmor prevents dpkg-divert and localedef from working in a
  container

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/969299/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to