Public bug reported:
Prior filing this as potential bug help was sought but did not yield a
remedy
https://discuss.linuxcontainers.org/t/3-0-2-bug-cannot-create-root-
password-in-privileged-container/3425
host - ubuntu cosmic with 4.18.0-12 kernel / systemd 239-7 / apparmor
2.12
Whilst there is
** Description changed:
Prior filing this as potential bug help was sought but did not yield a
remedy
https://discuss.linuxcontainers.org/t/3-0-2-bug-cannot-create-root-
password-in-privileged-container/3425
- host - ubuntu cosmic with 4.18.0-12 kernel / systemd 239-7 / apparmor
+ ho
The issue persists after having upgraded lxc to version 3.0.3
** Summary changed:
- lxc 3.0.2 - cannot create root password in privileged container
+ lxc 3.0.2/3 - cannot create root password in privileged container
--
You received this bug notification because you are a member of Ubuntu
Touc
The issue is due to the lxc logic of applying in deploying in
default.conf
lxc.idmap = u 0 10 65536
lxc.idmap = g 0 10 65536
in which case the container is ultimately constructed as unprivileged
container and such cannot be reverted with a the container specific
config.
** Changed in: lx
Public bug reported:
cosmic | openssl 1.1.1-1
Since 1.1.1.a-1 provides support for blake2b512 / sha3-512 it would be
expected such to work when generating certificates which however does
not.
OpenSSL> list -digest-commands
blake2b512 blake2s256 gost md4
md5 mdc2 rmd160 sha1
sha224 sha256 sha3-22
Public bug reported:
Host unbuntu cosmic | lxc 3.0.3 | aa 2.12 | systemd 239-7
Guest Arch Linux | systemd 240.0
After having upgraded in the guest systemd from 239.370 to 240.0 the
host's AA is exhibiting
> audit: type=1400 audit(1547125168.853:722): apparmor="DENIED"
operation="mount" info="fai
profile="lxc-container-default-cgns"
profile lxc-container-default-cgns flags=(attach_disconnected,mediate_deleted) {
#include
# the container may never be allowed to mount devpts. If it does, it
# will remount the host's devpts. We could allow it to do it with
# the newinstance option
strace does not seem to be the tool to figure out the info you are
asking for. Considering that the pid of the involved processes would be
unknown at the time of starting strace. And executing the process(es)
from the cli along with strace will not bear fruit for the case.
Going back to the log me
Some further input from the lxc dev team:
> What systemd wants to do is the equivalent of executing mount --make-rslave /
> on the commandline. The syscall from systemd specifically AFAICT is:
> mount(NULL, "/", NULL, MS_REC|MS_SLAVE, NULL);
As for the AppArmor profile rule, see
https://github.
This issue accelerating/cascading to the extent that that the lxc arch
linux guest is now entirely dead
https://bugs.archlinux.org/task/61428
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.la
*** This bug is a duplicate of bug 1813622 ***
https://bugs.launchpad.net/bugs/1813622
** This bug has been marked a duplicate of bug 1813622
systemd-resolved, systemd-networkd and others fail to start in lxc container
with v240 systemd
--
You received this bug notification because you a
Public bug reported:
branches cosmic & disco
the impact of current lxc aa rules in conjunction with systemd v240 is
outlined here
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1813622/comments/10
Whilst LXC committed the patch to its master
https://github.com/lxc/lxd/commit/a6b78070335
https://github.com/lxc/lxd/issues/5439#issuecomment-461257784
> The fix in LXD is only partial because there's currently no safe way
for us to fix that for privileged containers due to an apparmor parser
bug that the AppArmor team is still working on.
So we've made the change only to the unprivil
Whilst 'lxc.apparmor.profile: unconfined' appears the only way to keep
unprivileged lxc guests with systemd v240 alive it defeats the purpose
of AppArmor.
Notwithstanding, the tail riding on this bug
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1813622
https://git.launchpad.net/~ubuntu-
adding cross reference
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916639#85
> I think that disabling AppArmor by default for new LXC containers for
Buster would be an OK-ish fallback option, if nothing else can
realistically be made to work in time for the freeze; that would be
sad, but it
Public bug reported:
unprivileged lxc containers do not start with mainline kernel 4.18. This been
discussed:
- https://lists.linuxfoundation.org/pipermail/containers/2018-June/039176.html
- https://discuss.linuxcontainers.org/t/lxd-3-0-1-with-kernel-4-18/2147/10
and a patch been issued
https://
Looking forward to 3.0.2 then. Whilst 4.18 is indeed not shipping the
thread in the lxc forum at least indicates that there are a few users on
the mainline kernel.
Like I just updated to 4.18 and then remembered the forum thread.
Want to close this as fixed then (with the upcoming release of 3.0.
lxc 3.0.2 available from the bionic repo, just upgraded and subsequent
to ml kernel 4.18.14
** Changed in: lxc (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
h
Public bug reported:
My usb connect Hp Laserjet 1018 worked on Ubuntu 14.04 but after a update
through 14.10 and then 15.04, CUPS no longer sees it.
I did not test in 14.10 since I went right to 15.04.
Here is some of the requested info
$ lsmod |grep usb
btusb 32768 0
usb_sto
After having upgraded the host to:
unbuntu disco (19.04) | kernel 5.0.0-13 | aa 2.13.2-9 | systemd 240-6
the issue is still present
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.n
> did you try to use sha3-512 and did that work?
please see the initial report:
> or 'default_md = sha3-512'
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1810129
Title:
Public bug reported:
apt-get upgrade is not working
ProblemType: Package
DistroRelease: Kali 2017.1
Package: console-setup-linux 1.164
ProcVersionSignature: Ubuntu 4.8.0-36.36~16.04.1-generic 4.8.11
Uname: Linux 4.8.0-36-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.5
Architecture: amd64
Date: We
22 matches
Mail list logo
