Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
[2.0.9] apparmor change: host and guest? #2981
I have a bind setup in a container and I observed recently it fails to start for some permission denied on custom log path.
Just in case, I tried to do the change in apparmor profiles of host and after, bind started again.
is it new normal behavior? documented? not found any with a quick search.
Steps to reproduce
Cool, that indeed shows that something wrong's going on.
/usr/sbin/named in the container is confined by both the named profile OUTSIDE and the one INSIDE the container...
As far as LXD is concerned, everything looks good. The apparmor namespacing and stacking is setup properly, so the reason why both apparmor profiles got applied would be a kernel bug.
Can you please report this at https://launchpad.net/ubuntu/+source/apparmor/+filebug and mention the bug number here so I can subscribe the LXD team to it for tracking?