Failed to set LXC config: lxc.apparmor.profile=unconfined

tenforward · June 28, 2022, 11:21am

Hi,

I use LXC/LXD on Plamo Linux. (I am maintainer of LXC/LXD on Plamo )

Plamo’s kernel does not support AppArmor, so we build LXC without AppArmor.

When I upgrade LXD from 5.0.0 to 5.3, then the container do not start. (I am using LXC 5.0.0.)

$ lxc start c1
Error: Load go-lxc struct: Failed to set LXC config: lxc.apparmor.profile=unconfined
$ lxc info --show-log c1
  : (snip)
lxc 20220628110859.418 ERROR    confile - ../../Plamo-src/plamo/16_virtualization/lxc/lxc-5.0.0/src/lxc/confile.c:set_config_apparmor_profile:1645 - Invalid argument - Built without AppArmor support

I have done some research.

LXD 5.1, 5.2 with LXC 5.0.0: Same error.
LXD 5.0.0 with LXC 5.0.0: No error. A container is started.
LXD 5.3 with LXC 4.0.12: No error. A container is started.

Do you know what could be causing this? Is there something wrong with the build method? Or is it a misconfiguration?

tenforward · June 28, 2022, 1:58pm

Hi,

I did a little more research. Reverting this patch now works well.

Isn’t this improvement an error when trying to set lxc.apparmor.profile on liblxc without apparmor support?

Should I create an Issue on github?

tomp · June 28, 2022, 2:45pm

Yes please can you create an issue at Issues · lxc/lxd · GitHub and reference the patch that broke it. Thanks!

stgraber · June 28, 2022, 2:51pm

tenforward · June 28, 2022, 3:13pm

@stgraber Thanks for your quick response!!