[lxc-devel] stable-1.0 broken on 14.04
Stéphane Graber
stgraber at ubuntu.com
Wed Dec 3 17:05:58 UTC 2014
On Tue, Dec 02, 2014 at 10:34:56PM -0500, Stéphane Graber wrote:
> On Tue, Dec 02, 2014 at 10:02:34PM -0500, S.Çağlar Onur wrote:
> > Hey,
> >
> > Seems like [1] is causing problems for trusty (I'm using daily stable
> > builds) as its AppArmor version does not understand "unix" directive
> >
> > [root at eleksi:~/eleksi(master)] /etc/init.d/apparmor reload
> > * Reloading AppArmor profiles
> >
> > ppArmor parser error for /etc/apparmor.d/lxc-containers in
> > /etc/apparmor.d/abstractions/lxc/container-base at line 41: syntax
> > error, unexpected TOK_OPENPAREN, expecting TOK_MODE
> >
> > Commenting out following helps but not sure whether that's a correct thing to do
> >
> > 37 # Allow receive via unix sockets from anywhere. Note: if per-container
> > 38 # profiles are supported, for container isolation this should be
> > changed to
> > 39 # something like:
> > 40 # unix (receive) peer=(label=unconfined),
> > 41 #unix (receive),
> > 42
> > 43 # Allow all unix in the container
> > 44 #unix peer=(label=@{profile_name}),
> >
> > [1] https://github.com/lxc/lxc/commit/d9bae9c84b21642876107f32ba6c51ff3350c372
> >
> > Best,
>
> Good catch, I'll update the stable PPA packaging to drop the unix lines
> on 14.04. We already have a bunch of those (detecting apparmor version
> and stripping the stanzas that go introduced in later versions).
>
> So yeah, removing or commenting out those lines is the right thing to
> do, but the packaging should do that for you usually :)
>
> --
> Stéphane Graber
> Ubuntu developer
> http://www.ubuntu.com
I updated the packaging branch and a build is currently in progress, the
next PPA upload should work fine on 14.04.
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20141203/0f17e920/attachment.sig>
More information about the lxc-devel
mailing list