On Mon, 2022-06-13 at 22:59 +0200, Carsten Brandt wrote: > Hi Mathias, > > I finally found the time to try out your lxd package. Thanks for trying it out! > > I built the package on a debian sid system. > > Installing works fine, except the known issue with lxc bash > completion. > So when removing lxc, installing lxd works. > > After that I ran lxd init and tried to start a container, it seems > that > apparmor is required for lxd to work correctly: > > > # lxc launch ubuntu:22.04 > > > Creating the instance > > > Instance name is: key-mammal > > > Starting key-mammal > > > Error: Failed to run: /usr/bin/lxd forkstart key-mammal /var/lib> > > /lxd/containers /var/log/lxd/key-mammal/lxc.conf: > > > Try `lxc info --show-log local:key-mammal` for more info > > > > # lxc info --show-log local:key-mammal > > > Name: key-mammal > > > Status: STOPPED > > > Type: container > > > Architecture: x86_64 > > > Created: 2022/06/13 22:47 CEST > > > Last Used: 2022/06/13 22:47 CEST > > > > > > Log: > > > > > > lxc key-mammal 20220613204732.414 ERROR apparmor - > > lsm/apparmor.c:apparmor_process_label_set_at:1183 - No such file > or > > directory - Failed to write AppArmor profile "lxc-container- > default- > > cgns" to 17 > > > lxc key-mammal 20220613204732.414 ERROR apparmor - > > lsm/apparmor.c:apparmor_process_label_set:1229 - Invalid argument > - > > Failed to change AppArmor profile to lxc-container-default-cgns > > > lxc key-mammal 20220613204732.415 ERROR sync - > sync.c:sync_wait:34 > > - An error occurred in another process (expected sequence number > 4) > > > lxc key-mammal 20220613204732.424 WARN network - > > network.c:lxc_delete_network_priv:3617 - Failed to rename > interface > > with index 0 from "eth0" to its initial name "veth68ac60be" > > > lxc key-mammal 20220613204732.424 ERROR lxccontainer - > > lxccontainer.c:wait_on_daemonized_start:867 - Received container > state > > "ABORTING" instead of "RUNNING" > > > lxc key-mammal 20220613204732.424 ERROR start - > > start.c:__lxc_start:2068 - Failed to spawn container "key-mammal" > > > lxc key-mammal 20220613204732.424 WARN start - > > start.c:lxc_abort:1038 - No such process - Failed to send SIGKILL > via > > pidfd 17 for process 2999180 > > > lxc 20220613204737.512 ERROR af_unix - > > af_unix.c:lxc_abstract_unix_recv_fds_iov:218 - Connection reset by > > peer - Failed to receive response > > > lxc 20220613204737.512 ERROR commands - > > commands.c:lxc_cmd_rsp_recv_fds:127 - Failed to receive file > > descriptors > > after installing apparmor (apt install apparmor) everything works > fine. > > Should apparmor be added as a dependency to the lxd package? That is interesting -- I've opened a bug with the upstream developers (https://github.com/lxc/lxd/issues/10560) with some additional details as I was able to reproduce the issue as well. Regarding making apparmor a dependency for LXD, it is currently recommended in d/control, which I think is correct, based on my reading of Policy Chapter 7.2. Upstream does state that apparmor is an optional feature of LXD, which is why I listed it as a Recommends, and not a Depends. If there's consensus that the LXD package should depend on apparmor, that's an easy enough change to make. Thanks, Mathias
Attachment:
signature.asc
Description: This is a digitally signed message part