[lxc-users] nfs apparmor denial
Mike Wright
nobody at nospam.hostisimo.com
Fri Dec 13 01:34:27 UTC 2019
Hi all,
I have an Ubuntu-19.10 fully upgraded lxc container (as in lxc-create)
and am trying to use it as an nfs-kernel-server. It is down to one last
error that has me stymied.
In /etc/apparmor/lxc-default-cgns I have placed: (thanx google)
mount fstype=nfs*,
mount options=(rw, bind, ro),
The errors are all apparmor DENIED: each begins with the following
line, the only difference is "failed type" vs "failed flags"
apparmor="DENIED" operation="mount" info="failed type match" error=-13
profile="lxc-container-default-cgns"
Here are the tail end of the errors. They all are nfs related.
name="/run/rpc_pipefs/" pid=28767 comm="mount" fstype="rpc_pipefs"
srcname="sunrpc"
name="/run/rpc_pipefs/" pid=28767 comm="mount" fstype="rpc_pipefs"
srcname="sunrpc" flags="ro"
name="/" pid=28783 comm="(nft)" flags="rw, rslave"
name="/proc/fs/nfsd/" pid=28811 comm="mount" fstype="nfsd" srcname="nfsd"
name="/proc/fs/nfsd/" pid=28811 comm="mount" fstype="nfsd"
srcname="nfsd" flags="ro"
name="/" pid=28867 comm="(networkd)" flags="rw, rslave"
name="/" pid=29030 comm="(d-logind)" flags="rw, rslave"
If somebody could point me in the right direction I'd be most grateful.
Thanks,
Mike Wright
More information about the lxc-users
mailing list