touch-packages team mailing list archive

Thread
Date

[Bug 1432683] Re: apt-get install lxc doesn't load required apparmor profiles

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1432683@xxxxxxxxxxxxxxxxxx>
Date: Fri, 03 Apr 2015 02:02:13 -0000
Reply-to: Bug 1432683 <1432683@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package init-system-helpers - 1.22ubuntu6

---------------
init-system-helpers (1.22ubuntu6) vivid; urgency=medium

  * Add /lib/init/apparmor-profile-load; moved from the upstart package to the
    apparmor package and wrapped here under the old path. This name can
    continue to be used by init scripts to save them individually testing if
    apparmor is installed, as this wrapper performs this task.
    (LP: #1432683)
 -- Robie Basak <robie.basak@xxxxxxxxxx>   Thu, 02 Apr 2015 11:13:36 -0500

** Changed in: init-system-helpers (Ubuntu)
       Status: New => Fix Released

** Changed in: upstart (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1432683

Title:
  apt-get install lxc doesn't load required apparmor profiles

Status in apparmor package in Ubuntu:
  Fix Released
Status in init-system-helpers package in Ubuntu:
  Fix Released
Status in lxc package in Ubuntu:
  Fix Released
Status in squid3 package in Ubuntu:
  New
Status in upstart package in Ubuntu:
  Fix Released

Bug description:
  I'm trying to use LXC on my openstack instance which runs vivid daily:

  $ sudo apt-get install lxc -y

  $ sudo lxc-create -t ubuntu-cloud --name=vivid -- --flush-cache
  --stream=daily --release=vivid

  $ sudo lxc-start --name vivid --logfile=lxc.log
  lxc-start: lxc_start.c: main: 344 The container failed to start.
  lxc-start: lxc_start.c: main: 346 To get more details, run the container in foreground mode.
  lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.

  In the log file (lxc.log) I observe the following error:
  lxc-start 1426516387.814 ERROR    lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:183 - No such file or directory - failed to change apparmor profile to lxc-container-default

  This profile *exists* under /etc/apparmor.d/lxc/lxc-default but was
  not loaded appropriately.

  This issue disappears if I:
  (a) reload apparmor profile manually: sudo /etc/init.d/apparmor reload
  or
  (b) reboot the instance

  I'd expect that 'apt-get install lxc' has to load all appropriate
  apparmor profiles to allow starting containers w/o profile reloading /
  rebooting.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1432683/+subscriptions

References

[Bug 1432683] [NEW] apt-get install lxc doesn't load required apparmor profiles
From: Oleg Strikov, 2015-03-16