Comment 26 for bug 1824812
Revision history for this message
| Christian Ehrhardt (paelzer) wrote | #26 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Ordering was important:
$ modprobe shiftfs
$ sudo snap set lxd shiftfs.enable=true
$ sudo systemctl restart snap.lxd.daemon
Now it is enabled:
$ lxc info | grep shiftfs
shiftfs: "true"
$ lxc exec d-testapparmor -- mount | grep shift
/var/snap/
/var/snap/
And with that I can reproduce the bug:
$ lxc exec d-testapparmor -- aa-status
apparmor module is loaded.
0 profiles are loaded.
0 profiles are in enforce mode.
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
$ lxc exec d-testapparmor -- apparmor_parser -r /etc/apparmor.
AppArmor parser error for /etc/apparmor.
Installing the host kernel from proposed.
=> 5.0.0.14.15
ubuntu@
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
linux-
Suggested packages:
fdutils linux-doc-5.0.0 | linux-source-5.0.0 linux-tools
The following NEW packages will be installed:
linux-
The following packages will be upgraded:
linux-generic linux-headers-
3 upgraded, 5 newly installed, 0 to remove and 8 not upgraded.
Need to get 67.1 MB of archives.
After this operation, 334 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://
6% [1 linux-modules-
Get:2 http://
Get:3 http://
Get:4 http://
Get:5 http://
Get:6 http://
Get:7 http://
Get:8 http://
Fetched 67.1 MB in 13s (5048 kB/s)
Selecting previously unselected package linux-modules-
(Reading database ... 67632 files and directories currently installed.)
Preparing to unpack .../0-linux-
Unpacking linux-modules-
Selecting previously unselected package linux-image-
Preparing to unpack .../1-linux-
Unpacking linux-image-
Selecting previously unselected package linux-modules-
Preparing to unpack .../2-linux-
Unpacking linux-modules-
Preparing to unpack .../3-linux-
Unpacking linux-generic (5.0.0.14.15) over (5.0.0.13.14) ...
Preparing to unpack .../4-linux-
Unpacking linux-image-generic (5.0.0.14.15) over (5.0.0.13.14) ...
Selecting previously unselected package linux-headers-
Preparing to unpack .../5-linux-
Unpacking linux-headers-
Selecting previously unselected package linux-headers-
Preparing to unpack .../6-linux-
Unpacking linux-headers-
Preparing to unpack .../7-linux-
Unpacking linux-headers-
Setting up linux-headers-
Setting up linux-headers-
Setting up linux-modules-
Setting up linux-headers-
Setting up linux-image-
I: /vmlinuz is now a symlink to boot/vmlinuz-
I: /initrd.img is now a symlink to boot/initrd.
Setting up linux-modules-
Setting up linux-image-generic (5.0.0.14.15) ...
Setting up linux-generic (5.0.0.14.15) ...
Processing triggers for linux-image-
/etc/kernel/
update-initramfs: Generating /boot/initrd.
cryptsetup: WARNING: The initramfs image may not contain cryptsetup binaries
nor crypto modules. If that's on purpose, you may want to uninstall the
'cryptsetup
integration and avoid this warning.
/etc/kernel/
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/
Sourcing file `/etc/default/
Sourcing file `/etc/default/
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-
Found initrd image: /boot/initrd.
Found linux image: /boot/vmlinuz-
Found initrd image: /boot/initrd.
done
Install worked fine, now rebooting into it.
$ uname -a
Linux disco-test-aa-stack 5.0.0-14-generic #15-Ubuntu SMP Wed Apr 24 15:39:57 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Still using shiftfs
$ lxc info | grep shiftfs
shiftfs: "true"
$ lxc exec d-testapparmor -- mount | grep shift
/var/snap/
/var/snap/
Profiles now load ok:
$ lxc exec d-testapparmor -- aa-status
apparmor module is loaded.
27 profiles are loaded.
27 profiles are in enforce mode.
Summarizing - kernel in proposed verified