[Lxc-users] current status of LXC in Ubuntu precise? (WAS: Problem mounting Host directory in guest)
Fajar A. Nugraha
list at fajar.net
Thu May 10 08:38:56 UTC 2012
On Tue, May 8, 2012 at 12:40 PM, Fajar A. Nugraha <list at fajar.net> wrote:
> On Tue, May 8, 2012 at 12:28 PM, Serge Hallyn
> <serge.hallyn at canonical.com> wrote:
>>> Also, a quick test on my setup (ubuntu precise amd64,
>>> linux-image-3.2.0-24-generic 3.2.0-24.37, lxc 0.7.5-3ubuntu53) shows
>>> freshly created container from templates (e.g. lxc-create -t ...,
>>> tested with sshd and ubuntu templates) will fail to start with the
>>> same error message that Xavier mentioned:
>>>
>>> lxc-start: No such file or directory - failed to change apparmor
>>> profile to lxc-container-default
>>
>> I don't get that problem. Is your host a stock precise image?
>
> yes.
I think I found the problem.
Depending on what you meant by "stock precise image", then my host
might not be one, since it's not installed using the live cd
installer. It was created using debootstrap, and later "apt-get
install ubuntu-desktop lxc".
The problem with that approach is:
- the default lxc guest container setup created using templates will
try to change apparmor profile to lxc-container-default. That
operation apparently requires apparmor package to be installed
- neither ubuntu-desktop, lxc, or the packages it depends on has any
dependecy for apparmor. lxc only depends on libapparmor1, which
apparently is not enough
- using "lxc.aa_profile = unconfined" removes the need to change
apparmor profile, thus removes the need for apparmor package
So I'm guessing the correct fix would be to either:
- include apparmor as dependecy for lxc, OR
- use "lxc.aa_profile = unconfined" uncommented by default for
template-created containers.
--
Fajar
More information about the lxc-users
mailing list