[lxc-users] Apparmor DENIED messages in the logs
Fajar A. Nugraha
list at fajar.net
Wed Sep 14 09:20:10 UTC 2016
On Wed, Sep 14, 2016 at 4:00 PM, Andrey Repin <anrdaemon at yandex.ru> wrote:
> Greetings, Fajar A. Nugraha!
>
> > On Wed, Sep 14, 2016 at 12:03 AM, Andrey Repin <anrdaemon at yandex.ru
> >wrote:
>
> >>> [ 5408.633325] type=1400 audit(1471009220.304:57): apparmor="DENIED"
> >>> operation="mount" info="failed flags match" error=-13
> >>> profile="lxc-container-default" name="/" pid=12887 comm="mount"
> flags="ro, remount"
> >
>
>
>
>
> > Is it working fine?
>
> No, it either fails to start, or not mounting the directories.
>
>
Does it work if you disable apparmor? e.g. lxc.aa_profile = unconfined (run
"man lxc.container.conf" for details).
If yes, then most likely you need a custom apparmor profile (for example,
see /etc/apparmor.d/abstractions/lxc/start-container), or disable apparmor
completely for your containers.
--
Fajar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160914/9c3f8317/attachment.html>
More information about the lxc-users
mailing list