[lxc-users] lxc.aa_allow_incomplete in vivid containers
Mark Constable
markc at renta.net
Fri May 8 06:51:42 UTC 2015
On Fri, 8 May 2015 01:37:31 PM Fajar A. Nugraha wrote:
> Looks OK. This is vivid host, right?
Yes. Although I just realized I updated the kernel because I could not
boot onto my btrfs partition after a kernel upgrade about a week ago.
~ lxc-checkconfig
Kernel configuration not found at /proc/config.gz; searching...
Kernel configuration found at /boot/config-4.1.0-999-generic
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
Multiple /dev/pts instances: enabled
--- Control groups ---
Cgroup: enabled
Cgroup clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: missing
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
File capabilities: enabled
> Does it behave the same when you use download template? e.g.
> # lxc-create -n v -t download -- -d ubuntu -r vivid -a amd64
Thanks. Just done the above but still get the same result...
lxc-start: lsm/apparmor.c: apparmor_process_label_set: 169 If you really
want to start this container, set
lxc-start: lsm/apparmor.c: apparmor_process_label_set: 170
lxc.aa_allow_incomplete = 1
lxc-start: lsm/apparmor.c: apparmor_process_label_set: 171 in your container
configuration file
More information about the lxc-users
mailing list