Strange SSH issue on LXC

S

sahostking

Renowned Member
Oct 6, 2015
416
23
83
Cape Town, South Africa
www.hostking.host
We converted CentOS 6 OpenVZ containers a few months back to LXC via proxmox.

In doing so we got everthing to work.

Now cpanel recommends the following be added so crons, etc. work well:
lxc.apparmor.profile: unconfined

We did this on all the containers that were done but when we try to SSH we cant as it retuned:
Server refused to allocate pty

Note /etc/rc.sysinit change was done on these VPS servers and rebooted already aswell as the following changes:
https://github.com/jazzl0ver/lxc-centos

If we remove the line "lxc.apparmor.profile: unconfined" from the conf SSH works but things like wordpress crontjobs etc. do not.

Any ideas?
 
running containers without apparmor confinement is not recommended for security reasons. presumably (based on your mention of cpanel) these are containers which are used / managed by your customers? if so this is not a good idea at all. if specific tools run into issues because they attempt do do things which are forbidden by the profile, you need to evaluate whether it is safe to adapt the profile to allow them or not.
 
You must log in or register to reply here.
Top Bottom