[lxc-users] LXC 1.1.3 update blocks container startup.
Andrey Repin
anrdaemon at yandex.ru
Tue Oct 6 00:00:58 UTC 2015
Greetings, Serge Hallyn!
> What does 'sudo aa-status' show?
This is with fully up to date system, including fresh LXC 1.1.3:
# aa-status
apparmor module is loaded.
7 profiles are loaded.
6 profiles are in enforce mode.
/sbin/dhclient
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/connman/scripts/dhclient-script
/usr/lib/cups/backend/cups-pdf
/usr/sbin/cupsd
/usr/sbin/mysqld
1 profiles are in complain mode.
/usr/sbin/ntpd
3 processes have profiles defined.
2 processes are in enforce mode.
/usr/sbin/cupsd (1165)
/usr/sbin/mysqld (1605)
1 processes are in complain mode.
/usr/sbin/ntpd (1872)
0 processes are unconfined but have a profile defined.
> #!/usr/bin/python3
> import lxc
> c = lxc.Container("dc1-1")
> c.get_config_item("lxc.aa_profile")
This still throws an error, but if I change the container name to
> #!/usr/bin/python3
> import lxc
> c = lxc.Container("dc1")
> c.get_config_item("lxc.aa_profile")
It executes silently and do not return any output. (Which, I presume, was one
of the desired outcomes?)
The loglevel=debug log is attached. And, ...
# grep -R "lxc-container-default" /etc
...
/etc/apparmor.d/lxc/lxc-default:profile lxc-container-default flags=(attach_disconnected,mediate_deleted) {
--
With best regards,
Andrey Repin
Tuesday, October 6, 2015 02:36:13
Sorry for my terrible english...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dc1-2015-10-06.log
Type: application/octet-stream
Size: 13645 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20151006/5bcdb0cd/attachment.obj>
More information about the lxc-users
mailing list