I have done a ton of research and killed this container more times than I'd like to admit... so I'm giving up and asking for help! I have an LXC running ubuntu 22.04.5 with MySQL installed... this thing has been rock solid for months... now suddenly it has issues. It spams the logs with:
This is a very basic mysql server and it houses about 14mb of database... very important database but just letting you know its not a resource hog. The config look like this:
The part i don't understand is that I'm getting apparmor "DENIED" flags on the host when I'm calling for "unconfined" on the container. I rolled pve-container back to 6.0.18 just to see if that was the issue and it seemed to make zero difference. I have tried to edit the apparmor profile on the LXC to allow the location i've tried to changer permission on /var/log/mysql/error.log Like i said I have done so much and so many different ways and I have nothing. It wont start and I cant figure out why. I don't have a dump backup of the database (i know my own fault) so i don't want to abandon this. I'm not great with apparmor, so i'm open to suggestions on what might work here.
Also inside the the container mysql status is:
Code:
kernel: kauditd_printk_skb: 26 callbacks suppressed
kernel: audit: type=1400 audit(1770421234.517:859): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126511 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421234.517:860): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126511 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421234.517:861): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126511 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421234.517:862): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126511 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421234.517:863): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126511 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421234.517:864): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126511 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421235.351:865): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126650 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421235.351:866): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126650 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421235.351:867): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126650 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110
kernel: audit: type=1400 audit(1770421235.351:868): apparmor="DENIED" operation="open" class="file" profile="/usr/sbin/mysqld" name="/var/log/mysql/error.log" pid=126650 comm="mysqld" requested_mask="ac" denied_mask="ac" fsuid=110 ouid=110This is a very basic mysql server and it houses about 14mb of database... very important database but just letting you know its not a resource hog. The config look like this:
Code:
arch: amd64
cores: 2
features: mount=nfs
hostname: MySQL
memory: 2048
nameserver: 192.168.x.xxx
net0: name=eth0,bridge=vmbr0,hwaddr=xx:xx:xx:xx:xx:xx,ip=192.168.x.xxx/24,type=veth
net1: name=eth1,bridge=vmbr1,gw=192.168.x.xxx,hwaddr=xx:xx:xx:xx:xx:xx,ip=192.168.x.xxx/24,type=veth
onboot: 1
ostype: ubuntu
rootfs: VM_Storage_1:vm-512-disk-1,size=8G
searchdomain: home.local
startup: order=5
swap: 512
lxc.apparmor.profile: unconfined
lxc.cgroup2.devices.allow: a
lxc.cap.drop:
lxc.mount.auto: cgroup:rwThe part i don't understand is that I'm getting apparmor "DENIED" flags on the host when I'm calling for "unconfined" on the container. I rolled pve-container back to 6.0.18 just to see if that was the issue and it seemed to make zero difference. I have tried to edit the apparmor profile on the LXC to allow the location i've tried to changer permission on /var/log/mysql/error.log Like i said I have done so much and so many different ways and I have nothing. It wont start and I cant figure out why. I don't have a dump backup of the database (i know my own fault) so i don't want to abandon this. I'm not great with apparmor, so i'm open to suggestions on what might work here.
Also inside the the container mysql status is:
Code:
x mysql.service - MySQL Community Server
Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/mysql.service.d
`-override.conf
Active: failed (Result: exit-code) since Fri 2026-02-06 18:40:37 EST; 10min ago
Process: 329 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
Process: 337 ExecStart=/usr/sbin/mysqld (code=exited, status=1/FAILURE)
Main PID: 337 (code=exited, status=1/FAILURE)
Status: "Server shutdown complete"
Error: 9 (Bad file descriptor)
CPU: 335ms
Feb 06 18:40:37 MySQL systemd[1]: mysql.service: Scheduled restart job, restart counter is at 5.
Feb 06 18:40:37 MySQL systemd[1]: Stopped MySQL Community Server.
Feb 06 18:40:37 MySQL systemd[1]: mysql.service: Start request repeated too quickly.
Feb 06 18:40:37 MySQL systemd[1]: mysql.service: Failed with result 'exit-code'.
Feb 06 18:40:37 MySQL systemd[1]: Failed to start MySQL Community Server.