Skip to content

Instantly share code, notes, and snippets.

@wooyey

wooyey/lxc.md

Last active March 4, 2024 17:09
Show Gist options
  • Save wooyey/769258b6b7c27c6eaee729d810d14601 to your computer and use it in GitHub Desktop.
Save wooyey/769258b6b7c27c6eaee729d810d14601 to your computer and use it in GitHub Desktop.
Download ZIP
LXC
Raw
lxc.md

Troubleshooting

Problem with Apparmor

Errors on host like:

mar 04 15:17:01 xxx audit[1913824]: AVC apparmor="DENIED" operation="file_lock" profile="lxc-logs_</var/lib/lxc>" pid=1913824 comm="(l-remote)" family="unix" sock_type="dgram" protocol=0 requested_mask="send"
mar 04 15:17:01 xxx audit[1913824]: AVC apparmor="DENIED" operation="file_lock" profile="lxc-logs_</var/lib/lxc>" pid=1913824 comm="(l-remote)" family="unix" sock_type="dgram" protocol=0 requested_mask="send"

And inside container:

Mar 04 16:37:54 lxc (ostnamed)[129]: systemd-hostnamed.service: Failed to set up network namespacing: Permission denied
Mar 04 16:37:54 lxc (ostnamed)[129]: systemd-hostnamed.service: Failed at step NETWORK spawning /lib/systemd/systemd-hostnamed: Permission denied

Solution

Set PrivateNetwork to no:

systemctl edit systemd-hostnamed

Add lines:

[Service]
PrivateNetwork=no

Problem with Failed to set up mount namespacing: Operation not supported

Due to too much constraints probably ...

Switch off namespace for logs in problematic service:

systemctl edit name-of-service

Add lines:

[Service]
LogNamespace=
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment