[2.0beta1] maas-dhcpd should not attempt reload the apparmor profile when installing in a container
Bug #1569568 reported by
Blake Rouse
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Fix Released
|
Critical
|
Blake Rouse |
Bug Description
apparmor_parser: Unable to replace "/usr/sbin/dhcpd". Permission denied; attempted to load a profile while confined?
dpkg: error processing package maas-dhcp (--purge):
Related branches
lp:~blake-rouse/maas/fix-1569568
- Andres Rodriguez (community): Approve
-
Diff: 12 lines (+1/-1)1 file modifieddebian/maas-dhcp.postrm (+1/-1)
Changed in maas: | |
status: | In Progress → Fix Committed |
Changed in maas: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
I still see this issue.
I deployed a new/clean ubuntu 16.04 image on a NUC today.
I used the following profile for the container:
ubuntu@nuc03:~$ lxc profile show maas20 cgroup. devices. allow = c 10:237 rwm cgroup. devices. allow = b 7:* rwm privileged: "true"
name: maas20
config:
raw.lxc: |-
lxc.
lxc.aa_profile = unconfined
lxc.
security.
description: MAAS 20
devices:
eth0:
name: eth0
nictype: bridged
parent: br-eth0
type: nic
loop0:
path: /dev/loop0
type: unix-block
loop1:
path: /dev/loop1
type: unix-block
loop2:
path: /dev/loop2
type: unix-block
loop3:
path: /dev/loop3
type: unix-block
loop4:
path: /dev/loop4
type: unix-block
loop5:
path: /dev/loop5
type: unix-block
loop6:
path: /dev/loop6
type: unix-block
loop7:
path: /dev/loop7
type: unix-block
Installing maas-dhcp in the container I see:
ubuntu@maas20:~$ sudo apt install maas-dhcp server- ldap policycoreutils ppa.launchpad. net/maas/ stable/ ubuntu xenial/main amd64 maas-dhcp all 2.0.0+bzr5189- 0ubuntu1~ 16.04.1 [33.1 kB] archive. ubuntu. com/ubuntu xenial-updates/main amd64 libisccfg-export140 amd64 1:9.10. 3.dfsg. P4-8ubuntu1 [38.6 kB] archive. ubuntu. com/ubuntu xenial-updates/main amd64 libirs-export141 amd64 1:9.10. 3.dfsg. P4-8ubuntu1 [17.5 kB] archive. ubuntu. com/ubuntu xenial-updates/main amd64 isc-dhcp-server amd64 4.3.3-5ubuntu12.1 [412 kB] export140. export140_ 1%3a9.10. 3.dfsg. P4-8ubuntu1_ amd64.deb ... 3.dfsg. P4-8ubuntu1) ... export141_ 1%3a9.10. 3.dfsg. P4-8ubuntu1_ amd64.deb ... 3.dfsg. P4-8ubuntu1) ... dhcp-server_ 4.3.3-5ubuntu12 .1_amd64. deb ... dhcp_2. 0.0+bzr5189- 0ubuntu1~ 16.04.1_ all.deb ... bzr5189- 0ubuntu1~ 16.04.1) ... 3.dfsg. P4-8ubuntu1) .....
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
isc-dhcp-server libirs-export141 libisccfg-export140
Suggested packages:
isc-dhcp-
The following NEW packages will be installed:
isc-dhcp-server libirs-export141 libisccfg-export140 maas-dhcp
0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 501 kB of archives.
After this operation, 1,645 kB of additional disk space will be used.
Do you want to continue? [Y/n]
Get:1 http://
Get:2 http://
Get:3 http://
Get:4 http://
Fetched 501 kB in 0s (2,541 kB/s)
Preconfiguring packages ...
Selecting previously unselected package libisccfg-
(Reading database ... 25436 files and directories currently installed.)
Preparing to unpack .../libisccfg-
Unpacking libisccfg-export140 (1:9.10.
Selecting previously unselected package libirs-export141.
Preparing to unpack .../libirs-
Unpacking libirs-export141 (1:9.10.
Selecting previously unselected package isc-dhcp-server.
Preparing to unpack .../isc-
Unpacking isc-dhcp-server (4.3.3-5ubuntu12.1) ...
Selecting previously unselected package maas-dhcp.
Preparing to unpack .../maas-
Unpacking maas-dhcp (2.0.0+
Processing triggers for libc-bin (2.23-0ubuntu3) ...
Processing triggers for systemd (229-4ubuntu7) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up libisccfg-export140 (1:9.10.