[lxc-users] denied of mounting /run/netns ?
Rui Zang
rui.zang at foxmail.com
Fri May 27 04:32:55 UTC 2016
Greetings,
I am trying to run an openstack (with neutron networking) deployed by
devstack in one LXC. The deployments seems completed but after a while
something odd was discovered.
First of all, there have been tens of thousands of tap devices created
and hooked into ovs bridges. And the number is increasing.
stack at devstack:~$ sudo ovs-vsctl show | wc -l
14215
While I was trying to debug this, I found a thousand below message in
kernel log:
[162823.239519] audit: type=1400 audit(1464323116.356:41707):
apparmor="DENIED" operation="mount" info="failed type match" error=-13
profile="lxc-container-default" name="/run/netns/" pid=40414 comm="ip"
flags="rw, rshared"
What does it mean? Shall I grant some privilege to this LXC?
Thanks,
Zang, Rui
More information about the lxc-users
mailing list