[pkg-apparmor] Bug#880502: Bug#880502: [pkg-lxc-devel] Bug#880502: lxc: cannot start container with kernel 4.13.10
Antonio Terceiro
terceiro at debian.org
Tue Dec 19 12:37:12 UTC 2017
Hi,
On Sun, Nov 05, 2017 at 01:09:10PM +0100, intrigeri wrote:
> Hi,
>
> Antonio Terceiro:
> > The workaround that works is using the setting in the container
> > configuration:
>
> > lxc.aa_profile = unconfined
>
> > with disables apparmor entirely.
>
> > I have just uploaded lxc 1:2.0.9-4 setting this for all containers. This
> > is not the greatest solution, but it's also not worse than the state of
> > affairs before apparmor was enabled by default in the Debian kernel: it
> > was already not possible to use lxc with apparmor in Debian.
>
> Fully agreed: top priority is to ensure AppArmor doesn't break things,
> so let's disable any profile that is not ready for prime time.
>
> Adding AppArmor confinement where we had none previously can
> come later.
FWIW, since apparmor 2.11.1-4 this issue is no longer reproducible, so I
am closing this bug.
I will also make a new lxc upload removing the workaround mentioned
above.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-apparmor-team/attachments/20171219/e3583eb2/attachment.sig>
More information about the pkg-apparmor-team
mailing list