Hi guys!
I have a problem with a debian container with a zarafa installation and no special config, but when trying to start the container, I get the following syslog errors:
Sep 26 09:22:45 pve-test kernel: [38896.195891] audit: type=1400 audit(1601104965.516:129): apparmor="DENIED" operation="moun t" info="failed flags match" error=-13 profile="lxc-107_</var/lib/lxc>" name="/" pid=2145 comm="mount" flags="rw, remount"
Sep 26 09:22:45 pve-test kernel: [38896.203869] audit: type=1400 audit(1601104965.524:130): apparmor="DENIED" operation="moun t" info="failed flags match" error=-13 profile="lxc-107_</var/lib/lxc>" name="/" pid=2146 comm="mount" flags="rw, remount, re latime"
Sep 26 09:22:45 pve-test kernel: [38896.399265] audit: type=1400 audit(1601104965.720:132): apparmor="DENIED" operation="moun t" info="failed flags match" error=-13 profile="lxc-107_</var/lib/lxc>" name="/run/lock/" pid=2427 comm="mount" flags="rw, no suid, nodev, noexec, remount, relatime"
Sep 26 09:22:45 pve-test kernel: [38896.515770] audit: type=1400 audit(1601104965.836:133): apparmor="DENIED" operation="moun t" info="failed flags match" error=-13 profile="lxc-107_</var/lib/lxc>" name="/run/shm/" pid=2622 comm="mount" flags="rw, nos uid, nodev, noexec, remount"
Sep 26 09:22:45 pve-test kernel: [38896.530423] audit: type=1400 audit(1601104965.852:134): apparmor="DENIED" operation="moun t" info="failed flags match" error=-13 profile="lxc-107_</var/lib/lxc>" name="/dev/pts/" pid=2633 comm="mount" flags="rw, nos uid, noexec, remount"
Sep 26 09:22:46 pve-test kernel: [38896.994618] audit: type=1400 audit(1601104966.316:135): apparmor="DENIED" operation="moun t" info="failed flags match" error=-13 profile="lxc-107_</var/lib/lxc>" name="/dev/pts/" pid=3254 comm="mount" fstype="devpts " srcname="none"
Any idea where this is coming from or why this is happening?
Thank you in advance
Harald
Here is the output of the startup command before it hangs:
root@pve-test:~# lxc-start -n 107 -F -l DEBUG
mount: cannot remount block device sysfs read-write, is write-protected
mountall: mount /sys [43] terminated with status 32
mountall: Filesystem could not be mounted: /sys
mountall: Skipping mounting /sys since Plymouth is not available
[warn] udev does not support containers, not started ... (warning).
[ ok ] Activating swap...done.
mount: cannot remount block device /dev/loop5 read-write, is write-protected
[ ok ] Cleaning up temporary files... /tmp.
mount: cannot remount block device none read-write, is write-protected
mount: cannot remount block device none read-write, is write-protected
mount: cannot remount block device proc read-write, is write-protected
mount: cannot mount block device sysfs read-only
mount: cannot remount block device none read-write, is write-protected
mount: cannot remount block device none read-write, is write-protected
[warn] Mount point '/proc/sysrq-trigger' does not exist. Skipping mount. ... (warning).
[warn] Filesystem type 'fuse.lxcfs' is not supported. Skipping mount. ... (warning).
[warn] Filesystem type 'fuse.lxcfs' is not supported. Skipping mount. ... (warning).
[warn] Filesystem type 'fuse.lxcfs' is not supported. Skipping mount. ... (warning).
[warn] Filesystem type 'fuse.lxcfs' is not supported. Skipping mount. ... (warning).
[warn] Filesystem type 'fuse.lxcfs' is not supported. Skipping mount. ... (warning).
[warn] Filesystem type 'fuse.lxcfs' is not supported. Skipping mount. ... (warning).
[warn] Filesystem type 'fuse.lxcfs' is not supported. Skipping mount. ... (warning).
[warn] Filesystem type 'fuse.lxcfs' is not supported. Skipping mount. ... (warning).
[warn] Mount point '/dev/console' does not exist. Skipping mount. ... (warning).
[warn] Mount point '/proc/sys/kernel/random/boot_id' does not exist. Skipping mount. ... (warning).
[warn] Mount point '/dev/ptmx' does not exist. Skipping mount. ... (warning).
[warn] Mount point '/dev/tty1' does not exist. Skipping mount. ... (warning).
[warn] Mount point '/dev/tty2' does not exist. Skipping mount. ... (warning).
[warn] Fast boot enabled, so skipping file system check. ... (warning).
[....] Mounting local filesystems...mount: block device none is write-protected, mounting read-only
done.
[ ok ] Activating swapfile swap...done.
[ ok ] Cleaning up temporary files....
[ ok ] Setting kernel variables ...done.
[ ok ] Cleaning up temporary files....
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ ok ] Starting Zarafa LMTP dagent: zarafa-dagent.
[ ok ] Starting Zarafa gateway: zarafa-gateway.
[FAIL] Starting Zarafa ical gateway: zarafa-ical failed!
[ ok ] Starting Zarafa licensed: zarafa-licensed.
[....] Starting Zarafa monitor: zarafa-monitorWarning: Terminal locale not UTF-8, but UTF-8 locale is being forced.
Screen output may not be correctly printed.
. ok
[ ok ] Starting Zarafa search: zarafa-search.
[warn] Starting Zarafa server: zarafa-server (warning).
[ ok ] Starting Zarafa spooler: zarafa-spooler.
[ ok ] Starting periodic command scheduler: cron.
[....] Starting web server: apache2[Sat Sep 26 11:49:12 2020] [warn] NameVirtualHost *:80 has no VirtualHosts
. ok
but after adding “lxc.apparmor.profile = unconfined” to the config file, the container is starting, although there are still errors in syslog. But now I cannot login via ssh and get: