I am nesting an LXC container (C) inside an LXC container (H). The host container (H) and the container in the host (C) are both created with -c security.privileged=true -c security.nesting=true.
Everything is working fine in the container (C). However, with certain commands, I am getting the following errors (e.g. when running tasksel):
The GDbus is about D-Bus, which is normally present on desktop environments. tasksel appears to require it when it tries to install the desktop package selection.
But, if you do not need such a selection, it should work.
Isn’t tasksel supposed to work as well on Linux servers without any GUI component?
AppArmor is a Linux Security Module implementation (a security app).
AppArmor has profiles; they can be complex files. AppArmor tutorial
2.1 Basically 2 profiles: ENFORCE (throws an ERROR like yours) or COMPLAIN (warns but continues).
The way I solved this problem, with a different SNAP app (container box), was:
3.1 Make a symbolic link from the snap profiles to the AppArmor profiles directory. This is where the AppArmor command looks for permissions: /etc/apparmor.d/[profiles]
I struggled with a similar error message when using virt-install in Ubuntu 22.04.
Finally, I disabled AppArmor in qemu.conf and it seems to work for me.
(It is not safe, but works)
The method used is:
You can also set security_driver = "none" in /etc/libvirt/qemu.conf, instead of security_driver = "apparmor"
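An added example, not part of the thread: a small shell check for hosts where the qemu.conf change above may have been applied, reporting whether libvirt's security_driver has been set to "none". The function name and the sample file contents are constructed for illustration, and treating more than one active assignment as ambiguous is an assumption of this sketch rather than documented libvirt behaviour.

```shell
#!/bin/sh
# Classify the security_driver setting in a libvirt qemu.conf-style file.
# Prints one of: unreadable, unset, ambiguous, malformed, none,
# or the configured driver list (for example "apparmor").
qemu_security_driver() {
    conf=$1
    [ -r "$conf" ] || { echo unreadable; return 0; }
    # Active assignments only: a line starting with '#' is commented out.
    lines=$(sed -n 's/^[[:space:]]*security_driver[[:space:]]*=[[:space:]]*//p' "$conf")
    [ -n "$lines" ] || { echo unset; return 0; }
    # Assumption: more than one active assignment is reported, not resolved.
    if [ "$(printf '%s\n' "$lines" | wc -l)" -gt 1 ]; then
        echo ambiguous; return 0
    fi
    # Typographic quotes pasted from a web page are not string delimiters.
    case $lines in
        *“*|*”*) echo malformed; return 0 ;;
    esac
    # Drop a trailing comment, list brackets, quotes and blanks:
    #   [ "selinux", "apparmor" ]  ->  selinux,apparmor
    value=$(printf '%s' "$lines" | sed 's/#.*$//' | tr -d '[]" \t')
    case ",$value," in
        *,none,*) echo none; return 0 ;;   # confinement of guests is disabled
        ,,)       echo malformed; return 0 ;;
    esac
    echo "$value"
}

# Constructed sample, not taken from a real host.
sample=$(mktemp)
printf '%s\n' '#security_driver = "selinux"' 'security_driver = "none"' > "$sample"
echo "sample qemu.conf -> $(qemu_security_driver "$sample")"
rm -f "$sample"
```

On a real host, call it as qemu_security_driver /etc/libvirt/qemu.conf; a result of "none" means guests run without AppArmor or SELinux confinement from libvirt.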