Comment 7 for bug 1319525

Hi Serge - I'm still wanting a little more information. I tried to reproduce the bug myself and can't hit the AppArmor denial. I assume that it must be specific to Charles' local trusty/wordpress charm.

Charles and/or Curtis, can you explain what change occurred in juju-core that has caused the need to mount rpc_pipefs filesystems inside the container?

Serge, as far as allowing rpc_pipefs inside the container, I don't know how safe that would be off the top of my head. I looked at the other filesystems that are allowed by the container-base abstraction and was surprised to see debugfs was allowed. I can't imagine that allowing rpc_pipefs could be more dangerous that debugfs, but that also doesn't mean that we should allow rpc_pipefs. I need to spend some time today understanding more about rpc_pipefs.