[lxc-users] AppArmor syslog alert explanation, please?

Andrey Repin anrdaemon at yandex.ru
Sat Mar 9 20:46:29 UTC 2019


Greetings, Christian Brauner!

> On Sat, Mar 09, 2019 at 10:16:40PM +0300, Andrey wrote:
>> Greetings, All.
>> 
>> Saturday, March 9, 2019, 22:11:32 you wrote:
>> 
>> AR> Greetings, All!
>> 
>> AR> Mar  9 22:09:01 ih152926 kernel: [2612590.101781] audit:
>> AR> type=1400 audit(1552158541.103:2286):
>> AR> apparmor="DENIED" operation="mount" info="failed flags match"
>> AR> error=-13 profile="lxc-container-default-cgns" name="/"
>> AR> pid=16203 comm="(ionclean)" flags="rw, rslave"

> Well this is some app

That "some app" is, without a surprise, systemd in a 16.04 Ubuntu container...

> trying to recursively remount your root directory
> as rw and rslave. Apart from that not working correctly because of how
> the kernel works this is also pretty dangerous if not run in a separate
> mount namespace. :)


-- 
With best regards,
Andrey Repin
Saturday, March 9, 2019 23:45:01

Sorry for my terrible English...
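
Added example, not part of the original message and not LXC or AppArmor code: a Python parser that splits the denial quoted in this thread into fields, decodes the errno and the audit timestamp, and flags denied mounts that change propagation. The function names and the `PROPAGATION` flag set are assumptions of this example.

```python
import errno
import re
from datetime import datetime, timezone

# The denial quoted in this thread, joined onto one line as syslog emits it.
SAMPLE = (
    'Mar  9 22:09:01 ih152926 kernel: [2612590.101781] audit: '
    'type=1400 audit(1552158541.103:2286): '
    'apparmor="DENIED" operation="mount" info="failed flags match" '
    'error=-13 profile="lxc-container-default-cgns" name="/" '
    'pid=16203 comm="(ionclean)" flags="rw, rslave"'
)

AUDIT_RE = re.compile(r'audit\((\d+)\.\d+:(\d+)\):\s*(.*)$')
FIELD_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')  # key="quoted value" or key=bare
# Assumption of this example: propagation flag names as they appear in such records.
PROPAGATION = {'shared', 'rshared', 'slave', 'rslave',
               'private', 'rprivate', 'unbindable', 'runbindable'}


def parse_apparmor(line):
    """Return the AppArmor audit record in `line` as a dict, or None."""
    m = AUDIT_RE.search(line)
    if not m or 'apparmor=' not in m.group(3):
        return None
    secs, serial, body = m.groups()
    rec = {k: (quoted if raw.startswith('"') else raw)
           for k, raw, quoted in FIELD_RE.findall(body)}
    rec['serial'] = int(serial)
    rec['time_utc'] = datetime.fromtimestamp(int(secs), tz=timezone.utc)
    if 'error' in rec:  # the kernel logs a negative errno, e.g. -13
        rec['errno'] = errno.errorcode.get(-int(rec['error']), 'UNKNOWN')
    if 'flags' in rec:
        rec['flags'] = [f.strip() for f in rec['flags'].split(',')]
    return rec


def is_propagation_remount(rec):
    """True for a denied mount whose flags change mount propagation."""
    return (rec.get('apparmor') == 'DENIED'
            and rec.get('operation') == 'mount'
            and bool(PROPAGATION & set(rec.get('flags', []))))


if __name__ == '__main__':
    rec = parse_apparmor(SAMPLE)
    print(rec['time_utc'].isoformat(), rec['profile'], rec['comm'],
          rec['name'], rec['errno'], rec['flags'], is_propagation_remount(rec))
```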