GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Failed to query AppArmor policy: Permission denied tasksel: apt-get failed (100)

Manishfoodtechs · February 8, 2021, 4:31am

I am nesting lxc container ( c) inside lxc container (H). Host container(H) and container in host ( C) both are created with -c security.privileged=true -c security.nesting=true.

Everything is working fine in the container ( C). However, with certain commands, I am getting the following errors: ( eg tasksel running)

GDBus.Error:org.freedesktop.DBus.Error.AccessDenied: Failed to query AppArmor policy: Permission denied tasksel: apt-get failed (100)

I am unable to get the perfect solution to get rid of this error. Any help?

Valentin_L · February 27, 2021, 9:48am

Same problem. Any solution?

simos · February 27, 2021, 10:08am

You are trying to use tasksel, which is this one, https://wiki.debian.org/tasksel

The GDbus is about D-Bus, which is normally present on desktop environments.
tasksel appears to require it when it tries to install the desktop package selection.
But, if you do not need such a selection, it should work.
Isn’t tasksel supposed to work as well on Linux servers without any GUI component?

bmullan · November 8, 2021, 3:44pm

simos

re:

Isn’t tasksel supposed to work as well on Linux servers without any GUI component?

I too thought one of the main use-cases for TaskSel was to choose what applications & Desktop Environment you want to install on a a Server ??

I also recently started seeing this Error !

Maybe this is a bug?

bmullan · January 4, 2022, 1:47pm

anyone got any ideas about this error using tasksel?

alexpixel · May 5, 2022, 8:37pm

apparmor is a Linux Security Module implementation(a security app)
apparmor has profiles, they can be complex files. appArmor tutorial
2.1 basically 2 profiles, ENFORCE(throws ERROR like yours) or COMPLAIN(warning but continues).
the way I solved this problem, with a different SNAP app(container box) , was:
3.1 make a symbolic link from snap profiles to appArmor profiles directory . This is where appArmor command looks for permissions. /etc/apparmor.d/[profiles]

example

create link

sudo ln -s /var/lib/snapd/apparmor/profiles/snap.flutter-folio.flutter-folio \
/etc/apparmor.d/

snap.flutter-folio.flutter-folio is the binary
/etc/apparmor.d/ is the directory for profiles
\ is just for continue command by adidng a break[new line] you can delete it

command with aa-complain

sudo aa-complain snap.flutter-folio.flutter-folio

Now, you can run your app. I’m sure there is a better way for permissions, meaning, editing the profile file, but that’s for another day.

Manishfoodtechs · May 7, 2022, 4:45am

Thanks for replying. This question is still open at my end. Let me try your solution

fungcl · September 16, 2023, 3:27pm

I was struggled with a similar error message when using virt-install in Ubuntu 22.04.

Finally, disabled AppArmor in the QEMU.conf and seems to work for me.
(It is not safe, but works)
The method used is:
you can also set security_driver = “none” in /etc/libvirt/qemu.conf, instead of security_driver = “apparmor”

According to: