systemd update on openSUSE LXC + Proxmox AppArmor breaks stuff

davispuh

Apr 22, 2025
After creating an LXC from the opensuse-15.6-default_20240910_amd64.tar.xz template and then updating it with zypper update, after a restart agetty fails to start, preventing Console usage from Proxmox.

In the LXC logs I can see:
Code:
(d-sysctl)[82]: systemd-sysctl.service: Failed at step CREDENTIALS spawning /usr/lib/systemd/systemd-sysctl: Protocol error
[...]
(tmpfiles)[97]: systemd-tmpfiles-setup.service: Failed to set up credentials: Protocol error
(tmpfiles)[97]: systemd-tmpfiles-setup.service: Failed at step CREDENTIALS spawning systemd-tmpfiles: Protocol error
systemd[1]: systemd-tmpfiles-setup.service: Main process exited, code=exited, status=243/CREDENTIALS
systemd[1]: systemd-tmpfiles-setup.service: Failed with result 'exit-code'.
systemd[1]: Failed to start Create System Files and Directories.
[...]
(agetty)[509]: container-getty@1.service: Failed to set up credentials: Protocol error
(agetty)[509]: container-getty@1.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error
(agetty)[532]: console-getty.service: Failed to set up credentials: Protocol error
(agetty)[532]: console-getty.service: Failed at step CREDENTIALS spawning /sbin/agetty: Protocol error

This seems to happen because the Proxmox AppArmor profile prevents systemd from mounting /dev/shm:
Code:
audit: type=1400 audit(1746902438.020:570): apparmor="DENIED" operation="mount" class="mount" info="failed flags match" error=-13 profile="lxc-101_</var/lib/lxc>" name="/dev/shm/" pid=248129 comm="(sd-mkdcreds)" fstype="ramfs" srcname="ramfs" flags="rw, nosuid, nodev, noexec"
audit: type=1400 audit(1746902438.020:571): apparmor="DENIED" operation="mount" class="mount" info="failed flags match" error=-13 profile="lxc-101_</var/lib/lxc>" name="/dev/shm/" pid=248129 comm="(sd-mkdcreds)" flags="ro, nosuid, nodev, noexec, remount, bind"

I described it a bit more in https://github.com/NixOS/nixpkgs/issues/258371#issuecomment-2869136070


What would be the correct way to fix this? Does anyone know what the AppArmor profile should look like and where I should update it? Could this get fixed with a Proxmox update?
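To triage denials like the two audit lines quoted above on a host with many containers, the following added example (not part of the original post) parses AppArmor audit records and groups the denied mount operations by container. Reading the number in the `lxc-<N>_<...>` profile name as the container ID is an assumption based on the profile name in the log, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Sample input: the two audit lines quoted in the post, copied verbatim.
SAMPLE = '''\
audit: type=1400 audit(1746902438.020:570): apparmor="DENIED" operation="mount" class="mount" info="failed flags match" error=-13 profile="lxc-101_</var/lib/lxc>" name="/dev/shm/" pid=248129 comm="(sd-mkdcreds)" fstype="ramfs" srcname="ramfs" flags="rw, nosuid, nodev, noexec"
audit: type=1400 audit(1746902438.020:571): apparmor="DENIED" operation="mount" class="mount" info="failed flags match" error=-13 profile="lxc-101_</var/lib/lxc>" name="/dev/shm/" pid=248129 comm="(sd-mkdcreds)" flags="ro, nosuid, nodev, noexec, remount, bind"
'''

# key=value pairs; a value is either a double-quoted string (may contain spaces) or a bare token.
KV = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')
# Assumption: profile names look like lxc-<container id>_<...>, as in the log above.
PROFILE = re.compile(r'^lxc-(\d+)_<')


def parse_denial(line):
    """Return the fields of one AppArmor audit line, or None if it is not a denial."""
    fields = {key: value.strip('"') for key, value in KV.findall(line)}
    if fields.get("apparmor") != "DENIED":
        return None
    # The mount flags arrive as one comma-separated quoted value; split them into a list.
    fields["flags"] = [f.strip() for f in fields.get("flags", "").split(",") if f.strip()]
    match = PROFILE.match(fields.get("profile", ""))
    fields["ctid"] = match.group(1) if match else None
    return fields


def mount_denials_by_container(text):
    """Map container id -> list of (mount target, comm, fstype, flags) for denied mounts."""
    grouped = defaultdict(list)
    for line in text.splitlines():
        denial = parse_denial(line)
        if denial and denial.get("operation") == "mount":
            grouped[denial["ctid"]].append(
                (denial.get("name"), denial.get("comm"), denial.get("fstype"), denial["flags"])
            )
    return dict(grouped)


if __name__ == "__main__":
    for ctid, denials in mount_denials_by_container(SAMPLE).items():
        for target, comm, fstype, flags in denials:
            print(f"CT {ctid}: {comm} denied mount on {target} fstype={fstype} flags={flags}")
```

On a live host the same functions can be fed the kernel log text instead of `SAMPLE`; the second record has no `fstype` field because it is the read-only bind remount of the same target.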