So it's actually being denied the ability to create a lock on a socket it would appear?
Jul 14 16:47:44 vm1 audit[3315869]: AVC apparmor="DENIED" operation="file_lock" profile="lxc-container-default-cgns" pid=3315869 comm="systemd" family="unix" sock_type="dgram" protocol=0 addr=none
Jul 14...
Hi guys,
Just stumbled across this one - using Arch in a container, once upgraded to v239 (which uses dynamic users for networkd and resolved), AA seems to be breaking it for some reason, setting the profile to unconfined allows it to work - unprivileged container is not enough
Just wondering...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.