From: Todor Petkov <petkovptodor@gmail.com>
To: Proxmox VE user list <pve-user@lists.proxmox.com>,
Marco Gaiarin <gaio@lilliput.linux.it>
Subject: Re: [PVE-User] Bullseye LXC and logrotate...
Date: Thu, 28 Oct 2021 17:03:33 +0300 [thread overview]
Message-ID: <2f73acbf-f8bc-ca4d-1e2d-f2208cacff08@gmail.com> (raw)
In-Reply-To: <n1bq4i-kuf.ln1@hermione.lilliput.linux.it>
On Thu, 2021-10-28 1:36 PM, Marco Gaiarin wrote:
>
> Setup a pretty standard LXC container on bullseye, on a PVE7 server.
>
> Every time logrotate run on LXC i got on LXC:
>
> Oct 28 00:00:59 vbaculaacpn1 systemd[106367]: logrotate.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied
> Oct 28 00:00:59 vbaculaacpn1 systemd[106367]: logrotate.service: Failed at step NAMESPACE spawning /usr/sbin/logrotate: Permission denied
> Oct 28 00:00:59 vbaculaacpn1 systemd[1]: logrotate.service: Main process exited, code=exited, status=226/NAMESPACE
> Oct 28 00:00:59 vbaculaacpn1 systemd[1]: logrotate.service: Failed with result 'exit-code'.
> Oct 28 00:00:59 vbaculaacpn1 systemd[1]: Failed to start Rotate log files.
>
> And on PVE:
>
> Oct 28 00:00:59 beppe kernel: [280466.359176] audit: type=1400 audit(1635372059.192:31): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-102_</var/lib/lxc>" name="/run/systemd/unit-root/proc/" pid=3059401 comm="(ogrotate)" fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec"
>
>
> ?! I've tried to google around a bit, but found nothing.
>
>
> Thanks.
>
Hello,
check
https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1713773.html
and https://forum.proxmox.com/threads/logrotate-issue-in-buster-lxc.56726/
There are other links in Google when you search for Failed at step
NAMESPACE spawning pve logrotate
Regards
next prev parent reply other threads:[~2021-10-28 14:03 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-28 10:36 Marco Gaiarin
2021-10-28 14:03 ` Todor Petkov [this message]
[not found] ` <mailman.66.1635429832.15957.pve-user@lists.proxmox.com>
2021-10-29 10:28 ` Marco Gaiarin
[not found] ` <mailman.83.1635508452.15957.pve-user@lists.proxmox.com>
2021-11-01 20:43 ` Marco Gaiarin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2f73acbf-f8bc-ca4d-1e2d-f2208cacff08@gmail.com \
--to=petkovptodor@gmail.com \
--cc=gaio@lilliput.linux.it \
--cc=pve-user@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.