In 16.10, LXD won't work with enforced dsnmasq profile
Bug #1634199 reported by
Franck
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
Undecided
|
Unassigned | ||
apparmor (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
After upgrading to 16.0, LXD networking stopped working due to enforced dnsmasq profile.
audit: type=1400 audit(147670981
Related branches
Changed in apparmor: | |
status: | Fix Committed → Fix Released |
Changed in apparmor (Ubuntu): | |
status: | New → Fix Released |
To post a comment you must log in.
Sounds like the path changed.
You'll need to add the following rule to /etc/apparmor. d/usr.sbin. dnsmasq (or to the local/ include): lib/lxd/ networks/ lxdbr*/ dnsmasq. leases rw,
/var/
BTW: Do you know if lxd supports different network interface types that don't match the lxdbr* name pattern? If yes, we'll need to add a more permissive rule.