[Lxc-users] Can't execute a python shell script from /run/*
David Parks
davidparks21 at yahoo.com
Mon Apr 22 08:47:00 UTC 2013
Ah, You are a scholar and a gentleman Fajar. Your email just saved us untold
hours of toil. Now I see how those FS's are mounted, I wasn't aware of this
other fstab, I removed the noexec mount option and all is well now. We've
been tracking a related issues for 4 days now. Thank you!!
Incidentally, to your question, this is a 12.04 'ubuntu' template container
running under a 12.10 host (the application, cloudera/hadoop, was super
picky about versions).
David
From: Fajar A. Nugraha [mailto:list at fajar.net]
Sent: Monday, April 22, 2013 3:02 PM
To: David Parks
Cc: LXC
Subject: Re: [Lxc-users] Can't execute a python shell script from /run/*
On Mon, Apr 22, 2013 at 2:44 PM, David Parks <davidparks21 at yahoo.com> wrote:
We're running an app that installs some files to /run and needs to execute a
python script in that directory.
Even the root user is denied permission to execute the script, which tells
me that LXC (presumably AppArmor) is blocking access to running a script
under /run/*
Nope.
On my host:
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
... which is mounted from /lib/init/fstab. noexec prevents running any
executable there.
Now what's interesting is that my ubuntu template (0.9.0-0ubuntu2)
specifically create an empty /lib/init/fstab, so you shouldn't even have a
/run mount entry in a container. What is the content of that file on your
container? Or perhaps you manually have an entry for /run on your
container's fstab?
--
Fajar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20130422/e6b17d22/attachment.html>
More information about the lxc-users
mailing list