[Lxc-users] apparmor and nfs
Serge Hallyn
serge.hallyn at canonical.com
Sat Oct 20 00:21:00 UTC 2012
Quoting Gary Ballantyne (gary.ballantyne at haulashore.com):
> Hi
>
> I use "lxc.aa_profile = unconfined" to get the NFS client to work in a
> container (precise host and container).
>
> Is that the best approach?
If disabling apparmor works, then a custom profile should also work, and
would be your best bet. I haven't tried it, but would suggest starting a
container with apparmor enabled, and looking through /var/log/auth.log or
/var/log/syslog for the specific apparmor denial message.
How are you using nfs exactly? Is the lxc.rootfs in the config file
set to a subdir on nfs? Or does the container itself try to mount nfs?
Can you show the relevant config files?
-serge
More information about the lxc-users
mailing list