Ubuntu
linux package

4.15.0-149-generic: lxc-attach lsm/lsm.c: lsm_process_label_set_at: 174 Operation not permitted - Failed to set AppArmor label "lxc-container-default-cgns"

Bug #1934099 reported by EOLE team
This bug report is a duplicate of:  Bug #1934187: lxd exec fails. Edit Remove
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
New
Undecided
Unassigned

Bug Description

Hello.

When testing with the bionic-proposed repository, we found that the 4.15.0-149-generic break the lxc-attach command with the following error:

  lxc-attach: bidule: lsm/lsm.c: lsm_process_label_set_at: 174 Operation not permitted - Failed to set AppArmor label "lxc-container-default-cgns"

We don't have this issue with the current 4.15.0-147.

There is no issue using the --elevated-privileges option of lxc-attach.

I join the debug log of “lxc-attach -n bidule -l debug”.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: linux-image-4.15.0-149-generic 4.15.0-149.153
ProcVersionSignature: Ubuntu 4.15.0-149.153-generic 4.15.18
Uname: Linux 4.15.0-149-generic x86_64
AlsaDevices:
 total 0
 crw-rw---- 1 root audio 116, 1 juin 30 10:15 seq
 crw-rw---- 1 root audio 116, 33 juin 30 10:15 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay': 'aplay'
ApportVersion: 2.20.9-0ubuntu7.24
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord': 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
Date: Wed Jun 30 10:21:54 2021
HibernationDevice: RESUME=/dev/mapper/bionic--vg-swap_1
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig': 'iwconfig'
Lsusb:
 Bus 001 Device 002: ID 0627:0001 Adomax Technology Co., Ltd
 Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: QEMU Standard PC (i440FX + PIIX, 1996)
PciMultimedia:

ProcEnviron:
 TERM=screen.xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=fr_FR.UTF-8
 SHELL=/bin/bash
ProcFB: 0 cirrusdrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-149-generic root=/dev/mapper/hostname--vg-root ro console=tty1
RelatedPackageVersions:
 linux-restricted-modules-4.15.0-149-generic N/A
 linux-backports-modules-4.15.0-149-generic N/A
 linux-firmware 1.173.20
RfKill: Error: [Errno 2] No such file or directory: 'rfkill': 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 04/01/2014
dmi.bios.vendor: SeaBIOS
dmi.bios.version: 1.12.0-1
dmi.chassis.type: 1
dmi.chassis.vendor: QEMU
dmi.chassis.version: pc-i440fx-3.1
dmi.modalias: dmi:bvnSeaBIOS:bvr1.12.0-1:bd04/01/2014:svnQEMU:pnStandardPC(i440FX+PIIX,1996):pvrpc-i440fx-3.1:cvnQEMU:ct1:cvrpc-i440fx-3.1:
dmi.product.name: Standard PC (i440FX + PIIX, 1996)
dmi.product.version: pc-i440fx-3.1
dmi.sys.vendor: QEMU

Revision history for this message
EOLE team (eole-team) wrote :
Revision history for this message
EOLE team (eole-team) wrote :

Tester on 4.15.0-150

  lxc-create -n bidule -t ubuntu
  […]
  lxc-start -n bidule -d
  lxc-attach -n bidule
  root@bidule:~#

Thanks.

tags: added: verification-done-bionic
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.