Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED via workaround] apparmor + lxd results in errors
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
CanuteTheGreat
n00b
n00b


Joined: 10 Feb 2007
Posts: 58
Location: Bellingham, WA, USA

PostPosted: Thu Aug 05, 2021 4:40 am    Post subject: [SOLVED via workaround] apparmor + lxd results in errors Reply with quote

I installed apparmor and got it working so I could use snap (which is also working) but in the process I somehow broke lxd. When trying to run a container I get an error similar to this:

Quote:

lxc launch ubuntu: test
Creating test
Starting test
Error: Failed preparing container for start: Load go-lxc struct: Failed to set LXC config: lxc.apparmor.profile=lxd-test_</var/lib/lxd>//&:lxd-test_<var-lib-lxd>:


Similarly when trying to edit a container:
Quote:

lxc config edit test
Config parsing error: Initialize LXC: Failed to set LXC config: lxc.apparmor.profile=lxd-test_</var/lib/lxd>//&:lxd-test_<var-lib-lxd>:


I do not see anything under /etc/apparmor.d/ related to lxc/lxd and looking at the ebuilds I see that apparmor is disabled for lxc and lxd:
Quote:

[ebuild R ] app-emulation/lxc-4.0.9-r1::gentoo USE="caps pam ssl tools verify-sig (-apparmor) -doc -man (-selinux)" 0 KiB
[ebuild R ] app-emulation/lxd-4.0.6-r1::gentoo USE="ipv6 nls verify-sig (-apparmor)" 0 KiB


In case it matters, my profile is "default/linux/amd64/17.1/desktop/gnome/systemd"

Is there a way to have my cake and eat it too?


Last edited by CanuteTheGreat on Fri Aug 06, 2021 3:21 pm; edited 1 time in total
Back to top
View user's profile Send private message
CanuteTheGreat
n00b
n00b


Joined: 10 Feb 2007
Posts: 58
Location: Bellingham, WA, USA

PostPosted: Thu Aug 05, 2021 4:32 pm    Post subject: Reply with quote

Hello,

If it helps, here is the log for a test container:

Quote:

lxc info --show-log test
Name: test
Location: none
Remote: unix://
Architecture: x86_64
Created: 2021/08/05 04:21 UTC
Status: Stopped
Type: container
Profiles: default

Log:

lxc 20210805042154.406 ERROR confile - confile.c:set_config_apparmor_profile:1459 - Invalid argument - Built without AppArmor support
lxc 20210805043459.230 ERROR confile - confile.c:set_config_apparmor_profile:1459 - Invalid argument - Built without AppArmor support
lxc 20210805043459.231 ERROR confile - confile.c:set_config_apparmor_profile:1459 - Invalid argument - Built without AppArmor support
lxc 20210805161116.885 ERROR confile - confile.c:set_config_apparmor_profile:1459 - Invalid argument - Built without AppArmor support
lxc 20210805162749.406 ERROR confile - confile.c:set_config_apparmor_profile:1459 - Invalid argument - Built without AppArmor support


It makes me wonder if there is a way to completely disable apparmor for lxd/lxc without breaking snap?
Back to top
View user's profile Send private message
CanuteTheGreat
n00b
n00b


Joined: 10 Feb 2007
Posts: 58
Location: Bellingham, WA, USA

PostPosted: Fri Aug 06, 2021 3:20 pm    Post subject: Reply with quote

Hello,

I did not solve my original problem(s) but I did get snap to work just fine without apparmor installed and lxd/lxc are back to normal now.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum