kernel-packages team mailing list archive
  
  - 
     kernel-packages team kernel-packages team
- 
    Mailing list archive
  
- 
    Message #75620
  
 [Bug 1357103] Re: apparmor denied a golang build	inside a container
  
This looks like it might be caused by bug in path lookups and bind mount
handling that I have a test patch for. I will build a test kernel for
trusty (14.04). Please let me know if there are any other kernels you
would like to test on.
-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1357103
Title:
  apparmor denied a golang build inside a container
Status in “apparmor” package in Ubuntu:
  New
Status in “linux” package in Ubuntu:
  Confirmed
Status in “lxc” package in Ubuntu:
  New
Bug description:
  First, the error, while building a package inside a precise container:
  (...)
  make[1]: Entering directory `/home/ubuntu/deb/landscape-server-13.09.3~bzr544'
  GOPATH=/home/ubuntu/deb/landscape-server-13.09.3~bzr544/src/landscape/go /usr/bin/go install launchpad.net/gocheck github.com/lib/pq github.com/glacjay/goini
  GOPATH=/home/ubuntu/deb/landscape-server-13.09.3~bzr544/src/landscape/go /usr/bin/go install launchpad.net/landscape/cmd/packagesearch launchpad.net/landscape/cmd/license-audit launchpad.net/landscape/cmd/valid-license-audit
  # launchpad.net/landscape/cmd/license-audit
  /usr/lib/go/pkg/tool/linux_amd64/6g: error while loading shared libraries: libc.so.6: failed to map segment from shared object: Permission denied
  make[1]: *** [install] Error 2
  make[1]: Leaving directory `/home/ubuntu/deb/landscape-server-13.09.3~bzr544'
  make: *** [install] Error 2
  dpkg-buildpackage: error: fakeroot debian/rules binary gave error exit status 2
  In dmesg:
  [226141.740150] type=1400 audit(1408053388.352:106): apparmor="DENIED" operation="file_mmap" profile="lxc-container-default" name="landscape/cmd/valid-license-audit/" pid=389 comm="6g" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0
  
  The host is trusty, running 3.13.0-32-lowlatency #57
  My /var/lib/lxc is btrfs:
  /dev/mapper/ubuntu--vg-containers on /var/lib/lxc type btrfs (rw)
  Filesystem                         Size  Used Avail Use% Mounted on
  /dev/mapper/ubuntu--vg-containers   50G   15G   35G  30% /var/lib/lxc
  How I created the precise container:
  lxc-create -n andreas-test -t ubuntu -- -S /home/andreas/.ssh/id_rsa.pub -r precise
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1357103/+subscriptions
References