Skip to content
This repository has been archived by the owner on Feb 13, 2024. It is now read-only.

Anbox without apparmor settings? #1852

Open
stevenvandenbrandenstift opened this issue Jul 2, 2021 · 4 comments · May be fixed by #1856
Open

Anbox without apparmor settings? #1852

stevenvandenbrandenstift opened this issue Jul 2, 2021 · 4 comments · May be fixed by #1856

Comments

@stevenvandenbrandenstift
Copy link

Hello,

on a distro that does by default not use apparmor or snaps (alpinelinux),
the apparmor setting is breaking the startup.

For now we tried just making a patch to disable the setting for alpine and that makes the container start.
https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/22712/diffs#78433bd8a2455730339f7eb48121ce83cd93b235

Can I make a pull request with a extra ifdef cause to disable the setting (to disable apparmor support) for the container or do you have other suggestions?
@stevenvandenbrandenstift stevenvandenbrandenstift changed the title Anbox with apparmor settings? Anbox without apparmor settings? Jul 3, 2021
necessarily-equal added a commit to necessarily-equal/anbox that referenced this issue Jul 8, 2021
@necessarily-equal
lxc: remove apparmor dependency
71fb271 
asking for "unconfined" apparmor profile causes a crash with kernels
that don't have apparmor support enabled.

Closes anbox#1852.
necessarily-equal added a commit to necessarily-equal/anbox that referenced this issue Jul 8, 2021
@necessarily-equal
lxc: remove apparmor dependency
baab3ff 
asking for "unconfined" apparmor profile causes a crash with kernels
that don't have apparmor support enabled.

	Failed to start container: Failed to start container: Failed to set config item lxc.apparmor.profile

Closes anbox#1852.
@necessarily-equal necessarily-equal linked a pull request Jul 8, 2021 that will close this issue
Open
@necessarily-equal
Copy link
Contributor

Hi, I went ahead and made a pull request for it #1856. By experience, I'd say not much will happen by making issues on this bug tracker 😅

@stevenvandenbrandenstift
Copy link
Author

Well, I believe the pull request will never be accepted since its probably needed if you do use apparmor, I think we need a compile time option to disable apparmor support. Lets see if we can get response on here or pull request.

@stale
Copy link

stale bot commented Apr 18, 2022

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the decaying label Apr 18, 2022
@Fuseteam
Copy link

Has an open pull request

@stale stale bot removed the decaying label Apr 19, 2022
necessarily-equal added a commit to necessarily-equal/anbox that referenced this issue Jul 14, 2022
@necessarily-equal
lxc: remove apparmor dependency
aa0222d 
asking for "unconfined" apparmor profile causes a crash with kernels
that don't have apparmor support enabled.

	Failed to start container: Failed to start container: Failed to set config item lxc.apparmor.profile

Closes anbox#1852.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

lxc: remove apparmor dependency necessarily-equal/anbox
3 participants
@stevenvandenbrandenstift @Fuseteam @necessarily-equal