[pkg-lxc-devel] Bug#921176: redis-server service is failing to start in buster lxc container
Pierre-Elliott Bécue
peb at debian.org
Sun Apr 7 19:37:53 BST 2019
Le dimanche 24 février 2019 à 15:01:14+0100, intrigeri a écrit :
> Control: reassign -1 lxc
> Control: severity -1 important
>
> Hi,
>
> Pirate Praveen:
> > In dmesg inside container (same error on the host as well), so it seems
> > apparmor is blocking it.
>
> > [14760.307180] audit: type=1400 audit(1549992481.311:156):
> > apparmor="DENIED" operation="mount" info="failed flags match" error=-13
> > profile="lxc-container-default-cgns" name="/" pid=20531
> > comm="(s-server)" flags="rw, rslave"
>
> The lxc-container-default-cgns profile is shipped by the lxc
> package ⇒ reassigning.
>
> This looks very much like LXC bug #916639 so please retry with:
> lxc 1:3.1.0+really3.0.3-3 or newer?
>
> If that's not sufficient, you might need to set these options for
> your container:
>
> lxc.apparmor.profile = generated
> lxc.apparmor.allow_nesting = 1
>
> (On sid, these settings are in /etc/lxc/default.conf already but I'm
> not familiar with LXC and I don't know if they'll apply to
> pre-existing containers.)
>
> Thanks in advance!
>
> Also, I'm setting severity to non-RC as it would be unfortunate to
> block the migration to testing of… the very version that likely fixes
> this bug. Once it's clarified that this is #916639, I'll fix
> the metadata.
>
> Cheers,
Dear Praveen,
Did you give a test at the latest LXC3 releases?
I wonder if I can close this bug report now.
--
Pierre-Elliott Bécue
GPG: 9AE0 4D98 6400 E3B6 7528 F493 0D44 2664 1949 74E2
It's far easier to fight for one's principles than to live up to them.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-lxc-devel/attachments/20190407/3155daf8/attachment.sig>
More information about the Pkg-lxc-devel
mailing list