[lxc-users] lxc-start fails at apparmor detection
Tom Weber
l_lxc-users at mail2news.4t2.com
Thu Aug 7 22:19:50 UTC 2014
Am Donnerstag, den 07.08.2014, 17:23 -0400 schrieb Dwight Engen:
> On Tue, 05 Aug 2014 13:53:58 +0200
> Tom Weber <l_lxc-users at mail2news.4t2.com> wrote:
> > Oh, and a little log message wether lxc-start detected apparmor or not
> > and activates it would be _very_ helpfull :)
>
> lsm_init() INFO()s which lsm backend was detected, and
> apparmor_process_label_set() INFO()s which profile its setting so you
> should see those in the log if your --logpriority is set accordingly.
yes, but only if it activates apparmor (which would have been only the
case if that mount patch is in the kernel). It silently ignored my
apparmor settings completely - how should I know what should have been
in the log if I only see these messages when everything works? :)
The problem with Serge's patch, which turns the failed detection of a
mount patched kernel into a WARN(), is that these WARN()s don't appear
anywhere.
Regards,
Tom
More information about the lxc-users
mailing list