← Back to team overview

kernel-packages team mailing list archive

[Bug 1357103] Re: apparmor denied a golang build inside a container

 

** Changed in: lxc (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1357103

Title:
  apparmor denied a golang build inside a container

Status in “apparmor” package in Ubuntu:
  New
Status in “linux” package in Ubuntu:
  Confirmed
Status in “lxc” package in Ubuntu:
  Fix Released

Bug description:
  First, the error, while building a package inside a precise container:
  (...)
  make[1]: Entering directory `/home/ubuntu/deb/landscape-server-13.09.3~bzr544'
  GOPATH=/home/ubuntu/deb/landscape-server-13.09.3~bzr544/src/landscape/go /usr/bin/go install launchpad.net/gocheck github.com/lib/pq github.com/glacjay/goini
  GOPATH=/home/ubuntu/deb/landscape-server-13.09.3~bzr544/src/landscape/go /usr/bin/go install launchpad.net/landscape/cmd/packagesearch launchpad.net/landscape/cmd/license-audit launchpad.net/landscape/cmd/valid-license-audit
  # launchpad.net/landscape/cmd/license-audit
  /usr/lib/go/pkg/tool/linux_amd64/6g: error while loading shared libraries: libc.so.6: failed to map segment from shared object: Permission denied
  make[1]: *** [install] Error 2
  make[1]: Leaving directory `/home/ubuntu/deb/landscape-server-13.09.3~bzr544'
  make: *** [install] Error 2
  dpkg-buildpackage: error: fakeroot debian/rules binary gave error exit status 2

  In dmesg:
  [226141.740150] type=1400 audit(1408053388.352:106): apparmor="DENIED" operation="file_mmap" profile="lxc-container-default" name="landscape/cmd/valid-license-audit/" pid=389 comm="6g" requested_mask="mr" denied_mask="mr" fsuid=1000 ouid=0

  
  The host is trusty, running 3.13.0-32-lowlatency #57

  My /var/lib/lxc is btrfs:
  /dev/mapper/ubuntu--vg-containers on /var/lib/lxc type btrfs (rw)

  Filesystem                         Size  Used Avail Use% Mounted on
  /dev/mapper/ubuntu--vg-containers   50G   15G   35G  30% /var/lib/lxc

  How I created the precise container:
  lxc-create -n andreas-test -t ubuntu -- -S /home/andreas/.ssh/id_rsa.pub -r precise

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1357103/+subscriptions


References