apparmor confusion with copied LXC container using aufs/overlayfs
I have a problem that apparmor is denying read access to certain libraries needed by tools inside a copied/cloned snapshot LXC container which is using either aufs or overlayfs as a backing storage.
Note: I only encounter this problem when the container is snapshot - when I run these tools inside the container I cloned from it works absolutely fine.
For example I use aufs as a backingstorage for the LXC snapshot using lxc-copy and want to run tcpdump. tcpdump outputs the following error:
tcpdump: error while loading shared libraries: libcrypto.so.1.0.0: cannot stat shared object: Permission denied
On the host I get the following logs:
[18191.949879] audit: type=1400 audit(149562628
I've already posted this issue in the LXC bugtracker: https:/
What exactly is going on here? Is this a bug in apparmor that it's confused with aufs/overlayfs? Can I workaround it?
Question information
- Language:
- English Edit question
- Status:
- Expired
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply: