[Lxc-users] Ubuntu 12.04 - apparmor problem (WAS: Ubuntu 12.04 linux-container package and init modifications)

Fajar A. Nugraha list at fajar.net
Tue Mar 20 06:46:36 UTC 2012


On Thu, Mar 8, 2012 at 1:16 AM, Stéphane Graber <stgraber at ubuntu.com> wrote:

> I hope this helped explain what we're doing in 12.04.
> I'm planning on a generic "what's new in LXC for 12.04" blog post in
> the next few days, once we've turned apparmor back on and have
> somewhat secure containers again (hopefully later today).
>
> Again, please try an up to date Ubuntu 12.04 system and report any bug
> that you see, we're trying to closely look at LXC bugs and fix them as
> soon as possible.

Hi Stephane,

I just updated lxc on 12.04 to 0.7.5-3ubuntu40, which reenables
apparmor profile. My previously-working lxc containers now refused to
start.

$ sudo lxc-start -n precise
lxc-start: Permission denied - failed to mount 'proc' on
'/usr/lib/lxc/root//proc'
lxc-start: failed to setup the mounts for 'precise'
lxc-start: failed to setup the container
lxc-start: invalid sequence number 1. expected 2
lxc-start: failed to spawn 'precise'
lxc-start: Device or resource busy - failed to remove cgroup
'/sys/fs/cgroup/cpu//lxc/precise'

Disabling the profile (symlink ../usr.bin.lxc-start on
/etc/apparmor.d/disable, and force-reloading apparmor) made it work
again. Any ideas?

-- 
Fajar




More information about the lxc-users mailing list