[lxc-devel] Where to get apparmor profiles?
Serge Hallyn
serge.hallyn at canonical.com
Tue Jan 29 15:06:34 UTC 2013
Quoting Stéphane Graber (stgraber at ubuntu.com):
> On 01/29/2013 05:21 AM, Brent Tubbs wrote:
> > Hi,
> >
> > I've installed the current dev version from Github on a Precise host
> > using ./autogen.sh;./configure;make;make install. When I try to do a
> > simple lxc-execute, I get this:
> >
> > root at precise64:~# lxc-execute --name blah /bin/bash
> > lxc-execute: Permission denied - failed to change apparmor profile to
> > lxc-container-default
> > lxc-execute: invalid sequence number 1. expected 4
> > lxc-execute: failed to spawn 'blah'
> > root at precise64:~# lxc-version
> > lxc version: 0.9.0.alpha2
> >
> > I seem to remember this working on 0.8.0rc2, though I don't think it's
> > worked since then. Have I installed incorrectly? Is there an Ubuntu
> > package I'm missing?
> >
> > Thanks,
> > Brent
>
> Hi,
>
> Those profiles are only in the Ubuntu package, so when installing from
> git you're either expected to already have them on your system or to
> write your own minimal lxc-container-default profile.
>
> However, if all you want to do is use the latest development version on
> Ubuntu, then you can use our daily builds which include the apparmor
> profiles.
> Those are triggered every time new commits land in the stagging branch
> and are available for Ubuntu 12.04, 12.10 and 13.04:
> https://launchpad.net/~ubuntu-lxc/+archive/daily
We can't have the upstream package fully set up apparmor profiles,
because we can't be sure how your host is set up, but we should be
able to install some processed apparmor profiles into say
${docdir}/apparmor/profiles...
-serge
More information about the lxc-devel
mailing list