← Back to team overview

touch-packages team mailing list archive

[Bug 1270784] Re: aa-status --enabled failed in LXC container with Permission denied: '/sys/kernel/security/apparmor/profiles'

 

Assigning to lxc since it is what is providing the policy.

** Package changed: apparmor (Ubuntu) => lxc (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1270784

Title:
  aa-status --enabled failed in LXC container with  Permission denied:
  '/sys/kernel/security/apparmor/profiles'

Status in “lxc” package in Ubuntu:
  Incomplete

Bug description:
  In an up to date Trusty container install apparmor and run:

  root@trusty-amd64:~# aa-status --enabled
  Traceback (most recent call last):
    File "/usr/sbin/aa-status", line 194, in <module>
      commands[cmd]()
    File "/usr/sbin/aa-status", line 17, in cmd_enabled
      if get_profiles() == {}:
    File "/usr/sbin/aa-status", line 92, in get_profiles
      for p in open(apparmor_profiles).readlines():
  PermissionError: [Errno 13] Permission denied: '/sys/kernel/security/apparmor/profiles'

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apparmor 2.8.0-0ubuntu38
  ProcVersionSignature: Ubuntu 3.13.0-4.19-generic 3.13.0-rc8
  Uname: Linux 3.13.0-4-generic x86_64
  ApportVersion: 2.13.1-0ubuntu1
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Mon Jan 20 11:26:01 2014
  KernLog:
   Jan 20 08:03:53 sark kernel: [163212.225370] type=1400 audit(1390201433.425:86): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/cups/backend/cups-pdf" pid=16135 comm="apparmor_parser"
   Jan 20 08:03:53 sark kernel: [163212.225382] type=1400 audit(1390201433.425:87): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/sbin/cupsd" pid=16135 comm="apparmor_parser"
   Jan 20 08:03:53 sark kernel: [163212.225931] type=1400 audit(1390201433.425:88): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/sbin/cupsd" pid=16135 comm="apparmor_parser"
  ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-3.13.0-4-generic root=UUID=cf89ba34-108b-404d-9804-32d54a1df2ea ro quiet splash vt.handoff=7
  SourcePackage: apparmor
  Syslog:
   
  UpgradeStatus: Upgraded to trusty on 2012-01-31 (719 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1270784/+subscriptions