Problem with disable apparmor for single container

Michal_Kzn · December 18, 2020, 6:59pm

Hello,
I’m trying deploy k8s cluster inside LXD. I’am following THIS guide. Everything works fine without apparmor. Unfortunenly apparmor block deploy with conjure-up. Here is my kernel logs:

Dec 18 17:52:56 kubernetes kernel: [416846.378583] audit: type=1400 audit(1608313976.703:5615): apparmor=“DENIED” operation=“bind” profile=“snap.kube-apiserver.kube-apiserver” pid=753885 comm=“kube-apiserver” family=“unix” sock_type=“dgram” protocol=0 requested_mask=“bind” denied_mask=“bind” addr=none
Dec 18 17:52:56 kubernetes kernel: [416846.521961] audit: type=1400 audit(1608313976.847:5616): apparmor=“DENIED” operation=“bind” profile=“snap.kube-apiserver.kube-apiserver” pid=753917 comm=“kube-apiserver” family=“unix” sock_type=“dgram” protocol=0 requested_mask=“bind” denied_mask=“bind” addr=none
Dec 18 17:52:57 kubernetes kernel: [416846.711501] audit: type=1400 audit(1608313977.039:5617): apparmor=“DENIED” operation=“bind” profile=“snap.kube-apiserver.kube-apiserver” pid=753958 comm=“kube-apiserver” family=“unix” sock_type=“dgram” protocol=0 requested_mask=“bind” denied_mask=“bind” addr=none

Here is my lxd container config:

architecture: x86_64
config:
  image.architecture: amd64
  image.description: ubuntu 18.04 LTS amd64 (release) (20201211.1)
  image.label: release
  image.os: ubuntu
  image.release: bionic
  image.serial: "20201211.1"
  image.type: squashfs
  image.version: "18.04"
  linux.kernel_modules: ip_vs,ip_vs_rr,ip_vs_wrr,ip_vs_sh,ip_tables,ip6_tables,netlink_diag,nf_nat,overlay,br_netfilter
  raw.lxc: |
    lxc.apparmor.profile=unconfined
    lxc.mount.auto=proc:rw sys:rw cgroup:rw
    lxc.cgroup.devices.allow=a
    lxc.cap.drop=
  security.nesting: "true"
  security.privileged: "true"
  volatile.base_image: 95c0e536d361eb5ac953ad343e0342c2f615e4aea714ca8a64126a228b809cae
  volatile.eth0.host_name: vethde486604
  volatile.eth0.hwaddr: 00:16:3e:fb:f9:0c
  volatile.idmap.base: "0"
  volatile.idmap.current: '[]'
  volatile.idmap.next: '[]'
  volatile.last_state.idmap: '[]'
  volatile.last_state.power: RUNNING
  volatile.uuid: 17a2cfef-d443-4626-a38a-68dd68de9bb0
devices:
  mem:
    path: /dev/mem
    type: unix-char
ephemeral: false
profiles:
- default

The entry lxc.apparmor.profile=unconfined does not seem to work. The workaround is to completely disable the apparmor, but it’s not a good solution for me because I have other containers running on this host. How can I disable apparmor for single container?
(Ps. sorry for my english )

stgraber · December 18, 2020, 7:10pm

lxc.apparmor.profile=unconfined makes your container run without apparmor confinement, that doesn’t however mean that profiles cannot be loaded and used by it nor that existing apparmor profiles on the host cannot apply to it.

That’s why that option is so terrible, it effectively allows the host to mess with apparmor profiles on the host and any host apparmor profile to randomly apply to container processes.

Michal_Kzn · December 18, 2020, 7:40pm

Thx for your answer!
So how can I play with that? Is there any solution to deploy k8s in lxd?

stgraber · December 18, 2020, 8:02pm

You should stay away from the lxc.apparmor.profile=unconfined and instead use raw.apparmor to allow anything which gets blocked by the stock profile.

baleygr · March 29, 2023, 7:58am

This is an old answer, so sorry for the necrobump, but the answer is also referred in other places and shows up when googling this issue so I’d just like to ask for a clarification, for my own benefit as well as others if they stumble upon this after finding the idea of using lxc.apparmor.profile=unconfined a bit uncomfortable:

When you say that one should use raw.apparmor to allow “anything which gets blocked”, how does one go about specifically knowing what actually gets blocked (and therefore needs to be allowed?)

I’m assuming we’re talking about something kind of analogous to how you can put SELinux into permissive mode and then use the logs to create rules for the stuff that would have been blocked – but how does one do this in the “correct” way for apparmor so that you don’t need to set the profile to unconfined?

If this is too complicated or verbose for a forum post, maybe you can at least describe what needs to be done in general terms and link to some relevant apparmor documentation?

Thanks in advance.

edit: I just noticed that the microk8s docs actually recommends wgetting down this profile which simply sets lxc.apparmor.profile=unconfined, kind of strange to see that microk8s sort of “officially” recommends doing something that the LXD devs themselves do not recommend.

tomp · May 2, 2023, 7:58am

Yes that profile doesn’t “contain” the workload as its running in privileged and nested mode with apparmor disabled. So it removes pretty much all of the security protections that LXD provides.