Lxd container apparmor="DENIED"

Hi all, I have a zabbix container and on every 30 mins I receive in dmesg that error message:

[Mon Mar 29 12:38:13 2021] audit: type=1400 audit(1617021554.300:16796): apparmor=“DENIED” operation=“mount” info=“failed flags match” error=-13 profile=“lxd-zabbix_</var/lib/lxd>” name=“/home/” pid=18061 comm=“(ionclean)” flags=“ro, nosuid, nodev, remount, bind”
[Mon Mar 29 13:08:13 2021] audit: type=1400 audit(1617023354.292:16797): apparmor=“DENIED” operation=“mount” info=“failed flags match” error=-13 profile=“lxd-zabbix_</var/lib/lxd>” name=“/home/” pid=9778 comm=“(ionclean)” flags=“ro, nosuid, nodev, remount, bind”
[Mon Mar 29 13:38:13 2021] audit: type=1400 audit(1617025154.311:16798): apparmor=“DENIED” operation=“mount” info=“failed flags match” error=-13 profile=“lxd-zabbix_</var/lib/lxd>” name=“/home/” pid=1423 comm=“(ionclean)” flags=“ro, nosuid, nodev, remount, bind”
[Mon Mar 29 14:08:13 2021] audit: type=1400 audit(1617026954.295:16799): apparmor=“DENIED” operation=“mount” info=“failed flags match” error=-13 profile=“lxd-zabbix_</var/lib/lxd>” name=“/home/” pid=25125 comm=“(ionclean)” flags=“ro, nosuid, nodev, remount, bind”

I’ve tried almost every single option for:
aa-complain “lxd-zabbix_</var/lib/lxd>”
escaping <>, escaping /, escaping <> and /

If this is an unprivileged container, try enabling nesting:

lxc config set <instance> security.nesting=true

Thank you!

The issue is gone.

1 Like