Hi all,
I have just updated my testing environment to latest Proxmox test repo versions.
With a Jessie container I now see two issues:
- dovecot won't start due to:
- the webserver panel iMSCP won't create it's bind mounts
This looks pretty common on Google but does not seem to make problems:
So apparently I need rslave and bind options to mount. /etc/apparmor.d/lxc/lxc-default has bind:
/etc/apparmor.d/abstractions/lxc/start-container has rslave:
So this must have worked in 4.1 as I know the services were running and mounts did exist. Now after update this does not work anymore.
I would appreciate any hints.
I have just updated my testing environment to latest Proxmox test repo versions.
With a Jessie container I now see two issues:
- dovecot won't start due to:
Code:
[ 986.894869] audit: type=1400 audit(1464177673.467:8): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default" name="/" pid=8444 comm="(dovecot)" flags="rw, rslave"
Code:
May 25 12:53:24 proxmox kernel: [12940.717171] audit: type=1400 audit(1464173604.779:107): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default" name="/var/www/virtual/website.de/logs/website.de/" pid=4757 comm="mount" srcname="/var/log/apache2/website.de/" flags="rw, bind"This looks pretty common on Google but does not seem to make problems:
Code:
May 25 13:36:57 proxmox kernel: [ 91.471191] audit: type=1400 audit(1464176217.534:6): apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default" name="/sys/fs/cgroup/" pid=2946 comm="systemd" flags="ro, nosuid, nodev, noexec, remount, strictatime"So apparently I need rslave and bind options to mount. /etc/apparmor.d/lxc/lxc-default has bind:
Code:
mount options=(rw,bind,ro),
Code:
mount options=(rw, make-rslave) -> **,So this must have worked in 4.1 as I know the services were running and mounts did exist. Now after update this does not work anymore.
I would appreciate any hints.
