[Lxc-users] Can't execute a python shell script from /run/*
Stéphane Graber
stgraber at ubuntu.com
Mon Apr 22 08:18:56 UTC 2013
On 04/22/2013 10:02 AM, Fajar A. Nugraha wrote:
> On Mon, Apr 22, 2013 at 2:44 PM, David Parks <davidparks21 at yahoo.com
> <mailto:davidparks21 at yahoo.com>> wrote:
>
> We’re running an app that installs some files to /run and needs to
> execute a python script in that directory.____
>
> __ __
>
> Even the root user is denied permission to execute the script, which
> tells me that LXC (presumably AppArmor) is blocking access to
> running a script under /run/*____
>
> __
>
>
> Nope.
>
> On my host:
> tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
>
> ... which is mounted from /lib/init/fstab. noexec prevents running any
> executable there.
>
> Now what's interesting is that my ubuntu template (0.9.0-0ubuntu2)
> specifically create an empty /lib/init/fstab, so you shouldn't even have
> a /run mount entry in a container. What is the content of that file on
> your container? Or perhaps you manually have an entry for /run on your
> container's fstab?
The Ubuntu template only clears /lib/init/fstab if you're using the trim
option which most people don't and really shouldn't as it makes it a
non-standard Ubuntu system and breaks updates.
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130422/35f009bf/attachment.pgp>
More information about the lxc-users
mailing list