FS#67467 - [lxd] Backport an upstream commit to allow running without AppArmor

Attached to Project: Community Packages
Opened by Chih-Hsuan Yen (yan12125) - Sunday, 02 August 2020, 18:01 GMT
Last edited by Morten Linderud (Foxboron) - Friday, 07 August 2020, 07:24 GMT
Task Type Feature Request
Category Packages
Status Closed
Assigned To Morten Linderud (Foxboron)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:
Since lxd 4.4, containers refuse to start if apparmor is not installed:

8月 03 01:27:26 PC951 lxd[2077263]: t=2020-08-03T01:27:26+0800 lvl=eror msg="The start hook failed" container=db err="Failed to run: apparmor_parser --version: "
8月 03 01:27:56 PC951 lxd[2077263]: t=2020-08-03T01:27:56+0800 lvl=eror msg="Failed starting container" action=start created=2020-03-12T15:46:34+0800 ephemeral=false name=db project=default stateful=false used=2020-07-29T00:50:04+0800

After patching the package with the upstream fix linked below, lxd-managed containers run fine.

Additional info:

Package version: community/lxd 4.4-1
Upstream fix: https://github.com/lxc/lxd/commit/e88d0ea6392fb059a31faedc47c0d3fd77b5deaa

Steps to reproduce:
1. Make sure community/apparmor is not installed
2. Try to start containers with the latest lxd

Closed by Morten Linderud (Foxboron)
Friday, 07 August 2020, 07:24 GMT
Reason for closing: Fixed
Additional comments about closing: lxd 4.4-2
Comment by Morten Linderud (Foxboron) - Sunday, 02 August 2020, 18:04 GMT
apparmor should probably be an optdepends as well?
Comment by Chih-Hsuan Yen (yan12125) - Sunday, 02 August 2020, 18:06 GMT
> apparmor should probably be an optdepends as well?

Sounds reasonable.
Comment by Paul Moore (pcmoore) - Monday, 03 August 2020, 13:43 GMT
I would suggest that this is a proper bug and not a feature request, as it is preventing me from starting my LXD containers this morning. What is even worse is that I can't downgrade to the LXD v4.3 package, as it appears there was a db schema upgrade between v4.3 and v4.4.
Comment by Morten Linderud (Foxboron) - Monday, 03 August 2020, 13:54 GMT
Lovely. Pushed 4.4-2 with the patch applied. My lxd containers start just fine, so do report back if the same doesn't happen on your end.
Comment by Paul Moore (pcmoore) - Friday, 07 August 2020, 04:08 GMT
Hi @Foxboron, I apologize that I haven't had a chance to test the updated package yet (it has been a busy week), but I did take a look just now and it appears your fix is pretty much the same as the one I put together for my local system - just backport that single patch.
Comment by Chih-Hsuan Yen (yan12125) - Friday, 07 August 2020, 04:24 GMT
Oops, I thought this ticket had been closed. I can confirm community/lxd 4.4-2 runs containers fine without apparmor installed.
Comment by Morten Linderud (Foxboron) - Friday, 07 August 2020, 07:24 GMT
Thanks!
