[Bug 993706] Re: Fix lxc-execute without rootfs failing apparmor transitions

[Serge Hallyn]

** Description changed:

+ =================================
+ SRU Justification:
+ 1. impact: lxc-execute fails when apparmor transition is requested (as it is by default)
+ 2. development fix: make sure the container's own proc is mounted before attempting apparmor context transition
+ 3. stable fix: same as development fix
+ 4. test case:
+    lxc-execute -n foo /bin/bash
+ 5. Regression potential: apparmor transitions could break for containers if this is done wrong.  However, the lxc testsuite passed with these patches
+ ==================================
+ 
  On a Precise system, LXC is no longer working:
  
  # lxc-execute -n foo /bin/bash
  lxc-execute: Permission denied - failed to change apparmor profile to lxc-container-default
  lxc-execute: invalid sequence number 1. expected 2
  lxc-execute: failed to spawn 'foo'
  #
  
  At a minimum, I'm guessing lxc-execute needs a profile similar to lxc-
  start, but trying to run lxc-start failed with the same error.
  
  AfC

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/993706

Title:
  Fix lxc-execute without rootfs failing apparmor transitions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/993706/+subscriptions