Hello all!
I run a simple proxmox server on the cloud, with some containers to make things more fun, and just experimenting different cloud technologies. However, ever since I've installed dropbox (I installed it on my root server - i know, bad choice!!) - It automatically took up majority of the space on my root drive (19gb), and now my containers don't ever start.
The context for dropbox is: I used it (and rsync) to keep my dropbox and folders in sync. Basically wanted to back up some underlying files, like the lxc config files - which i think may have been what has botched the containers, although the odd thing is: they're still there and i don' think that would be the issue?
Inital rsync command used to sync dropbox and the /var/lib/vz;
I checked if apparmor was running on my root server, and this seems to be an error i get too :/
systemctl status apparmor
The error i get:
pct start 102 --debug
I'm more or less aware that the apparmor config/profile was unable to load, and hence the container wasn't able to start. I've also debugged a little but I can't seem to find out what's the problem.
apparmor_parser --version
pct config 102
I would greatly appreciate any help, still a novice and learning as I go, thank you!
I run a simple proxmox server on the cloud, with some containers to make things more fun, and just experimenting different cloud technologies. However, ever since I've installed dropbox (I installed it on my root server - i know, bad choice!!) - It automatically took up majority of the space on my root drive (19gb), and now my containers don't ever start.
The context for dropbox is: I used it (and rsync) to keep my dropbox and folders in sync. Basically wanted to back up some underlying files, like the lxc config files - which i think may have been what has botched the containers, although the odd thing is: they're still there and i don' think that would be the issue?
Inital rsync command used to sync dropbox and the /var/lib/vz;
Code:
rsync -cogrtuv --delete --chown=root:root /var/lib/vz /root/Dropbox/ProxmoxBackups/devmount
I checked if apparmor was running on my root server, and this seems to be an error i get too :/
systemctl status apparmor
Code:
Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2022-08-17 04:27:57 UTC; 4s ago
Docs: man:apparmor(7)
https://gitlab.com/apparmor/apparmor/wikis/home/
Process: 8285 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, status=1/FAILURE)
Main PID: 8285 (code=exited, status=1/FAILURE)
Aug 17 04:27:57 ns5010417 apparmor.systemd[8285]: /sbin/apparmor_parser: Unable to replace "smbldap-useradd". Profile doesn't conform to protocol
Aug 17 04:27:57 ns5010417 apparmor.systemd[8285]: /sbin/apparmor_parser: Unable to replace "sanitized_helper". Profile doesn't conform to protocol
Aug 17 04:27:57 ns5010417 apparmor.systemd[8285]: /sbin/apparmor_parser: Unable to replace "/usr/bin/pidgin". Profile doesn't conform to protocol
Aug 17 04:27:57 ns5010417 apparmor.systemd[8285]: /sbin/apparmor_parser: Unable to replace "sanitized_helper". Profile doesn't conform to protocol
Aug 17 04:27:57 ns5010417 apparmor.systemd[8285]: /sbin/apparmor_parser: Unable to replace "/usr/bin/totem". Profile doesn't conform to protocol
Aug 17 04:27:57 ns5010417 apparmor.systemd[8285]: /sbin/apparmor_parser: Unable to replace "/usr/bin/totem-audio-preview". Profile doesn't conform to protocol
Aug 17 04:27:57 ns5010417 apparmor.systemd[8285]: Error: At least one profile failed to load
Aug 17 04:27:57 ns5010417 systemd[1]: apparmor.service: Main process exited, code=exited, status=1/FAILURE
Aug 17 04:27:57 ns5010417 systemd[1]: apparmor.service: Failed with result 'exit-code'.
Aug 17 04:27:57 ns5010417 systemd[1]: Failed to start Load AppArmor profiles.
The error i get:
pct start 102 --debug
Code:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LC_TERMINAL = "iTerm2",
LC_CTYPE = "UTF-8",
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
run_apparmor_parser: 882 Failed to run apparmor_parser on "/var/lib/lxc/102/apparmor/lxc-102_<-var-lib-lxc>": apparmor_parser: Unable to replace "lxc-102_</var/lib/lxc>". Profile doesn't conform to protocol
apparmor_prepare: 1052 Failed to load generated AppArmor profile
lxc_init: 832 Failed to initialize LSM
__lxc_start: 1945 Failed to initialize container "102"
g script "/usr/share/lxc/hooks/lxc-pve-prestart-hook" for container "102", config section "lxc"
DEBUG terminal - terminal.c:lxc_terminal_peer_default:665 - No such device - The process does not have a controlling terminal
DEBUG seccomp - seccomp.c:parse_config_v2:656 - Host native arch is [3221225534]
INFO seccomp - seccomp.c:parse_config_v2:807 - Processing "reject_force_umount # comment this to allow umount -f; not recommended"
INFO seccomp - seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
INFO seccomp - seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
INFO seccomp - seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
INFO seccomp - seccomp.c:parse_config_v2:807 - Processing "[all]"
INFO seccomp - seccomp.c:parse_config_v2:807 - Processing "kexec_load errno 1"
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding native rule for syscall[246:kexec_load] action[327681:errno] arch[0]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[246:kexec_load] action[327681:errno] arch[1073741827]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[246:kexec_load] action[327681:errno] arch[1073741886]
INFO seccomp - seccomp.c:parse_config_v2:807 - Processing "open_by_handle_at errno 1"
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding native rule for syscall[304:open_by_handle_at] action[327681:errno] arch[0]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[304:open_by_handle_at] action[327681:errno] arch[1073741827]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[304:open_by_handle_at] action[327681:errno] arch[1073741886]
INFO seccomp - seccomp.c:parse_config_v2:807 - Processing "init_module errno 1"
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding native rule for syscall[175:init_module] action[327681:errno] arch[0]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[175:init_module] action[327681:errno] arch[1073741827]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[175:init_module] action[327681:errno] arch[1073741886]
INFO seccomp - seccomp.c:parse_config_v2:807 - Processing "finit_module errno 1"
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding native rule for syscall[313:finit_module] action[327681:errno] arch[0]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[313:finit_module] action[327681:errno] arch[1073741827]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[313:finit_module] action[327681:errno] arch[1073741886]
INFO seccomp - seccomp.c:parse_config_v2:807 - Processing "delete_module errno 1"
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding native rule for syscall[176:delete_module] action[327681:errno] arch[0]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[176:delete_module] action[327681:errno] arch[1073741827]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[176:delete_module] action[327681:errno] arch[1073741886]
INFO seccomp - seccomp.c:parse_config_v2:807 - Processing "keyctl errno 38"
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding native rule for syscall[250:keyctl] action[327718:errno] arch[0]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[250:keyctl] action[327718:errno] arch[1073741827]
INFO seccomp - seccomp.c:do_resolve_add_rule:566 - Adding compat rule for syscall[250:keyctl] action[327718:errno] arch[1073741886]
INFO seccomp - seccomp.c:parse_config_v2:1017 - Merging compat seccomp contexts into main context
ERROR apparmor - lsm/apparmor.c:run_apparmor_parser:882 - Failed to run apparmor_parser on "/var/lib/lxc/102/apparmor/lxc-102_<-var-lib-lxc>": apparmor_parser: Unable to replace "lxc-102_</var/lib/lxc>". Profile doesn't conform to protocol
ERROR apparmor - lsm/apparmor.c:apparmor_prepare:1052 - Failed to load generated AppArmor profile
ERROR start - start.c:lxc_init:832 - Failed to initialize LSM
ERROR start - start.c:__lxc_start:1945 - Failed to initialize container "102"
DEBUG conf - conf.c:idmaptool_on_path_and_privileged:2741 - The binary "/usr/bin/newuidmap" does have the setuid bit set
DEBUG conf - conf.c:idmaptool_on_path_and_privileged:2741 - The binary "/usr/bin/newgidmap" does have the setuid bit set
DEBUG conf - conf.c:lxc_map_ids:2809 - Functional newuidmap and newgidmap binary found
startup for container '102' failed
I'm more or less aware that the apparmor config/profile was unable to load, and hence the container wasn't able to start. I've also debugged a little but I can't seem to find out what's the problem.
apparmor_parser --version
Code:
AppArmor parser version 2.13.2
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2018 Canonical Ltd.
pct config 102
Code:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LC_TERMINAL = "iTerm2",
LC_CTYPE = "UTF-8",
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
arch: amd64
cores: 4
description: ID 100 template is the first template for ubuntu 18.04 configured for OVH Failover IPs%0A
hostname: bchewyme
memory: 16000
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=02:00:00:c2:ca:5e,ip=dhcp,ip6=dhcp,type=veth
onboot: 1
ostype: ubuntu
rootfs: local:102/vm-102-disk-0.raw,size=32G
swap: 1000
unprivileged: 1
lxc.cgroup.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file
I would greatly appreciate any help, still a novice and learning as I go, thank you!
Last edited: