From: Piviul <piviul@riminilug.it>
To: Proxmox VE user list <pve-user@lists.proxmox.com>
Subject: [PVE-User] systemd-logind.service
Date: Fri, 2 Sep 2022 10:26:17 +0200 [thread overview]
Message-ID: <5f271b1a-1a38-9861-f390-afb80ad29de5@riminilug.it> (raw)
I add that on the proxmox node I can find the following logs:
Sep 2 10:22:22 pve02 kernel: [6409941.290413] audit: type=1400
audit(1662106942.591:968): apparmor="DENIED" operation="mount"
info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>"
name="/run/systemd/unit-root/proc/" pid=3151975 comm="(d-logind)"
fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec"
Sep 2 10:22:22 pve02 kernel: [6409941.341352] audit: type=1400
audit(1662106942.643:969): apparmor="DENIED" operation="mount"
info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>"
name="/run/systemd/unit-root/proc/" pid=3151979 comm="(d-logind)"
fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec"
Sep 2 10:22:22 pve02 kernel: [6409941.391871] audit: type=1400
audit(1662106942.691:970): apparmor="DENIED" operation="mount"
info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>"
name="/run/systemd/unit-root/proc/" pid=3151983 comm="(d-logind)"
fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec"
Sep 2 10:22:22 pve02 kernel: [6409941.442322] audit: type=1400
audit(1662106942.743:971): apparmor="DENIED" operation="mount"
info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>"
name="/run/systemd/unit-root/proc/" pid=3151987 comm="(d-logind)"
fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec"
Sep 2 10:22:22 pve02 kernel: [6409941.466567] audit: type=1400
audit(1662106942.767:972): apparmor="DENIED" operation="mount"
info="failed flags match" error=-13 profile="lxc-132_</var/lib/lxc>"
name="/run/systemd/unit-root/proc/" pid=3151991 comm="(d-logind)"
fstype="proc" srcname="proc" flags="rw, nosuid, nodev, noexec"
Seems an apparmor problem... furthermore seems that old LXC doesn't
suffer of this problem but if I create a new LXC it does.
Piviul
------------------------------
On a proxmox 6.4 environment, when a user log on to a specific LXC
container machine named unifi-controller, the logon time is very slow
and on the host logs I find:
Sep 02 07:15:36 unifi-controller systemd[1978474]:
systemd-logind.service: Failed at step NAMESPACE spawning
/lib/systemd/systemd-logind: Permission denied
Sep 02 07:15:36 unifi-controller systemd[1978474]:
systemd-logind.service: Failed to set up mount namespacing:
/run/systemd/unit-root/proc: Permission denied
Other LXC doesn't have any problems. Someone can help me to find the issue?
Best regards
Piviul
next reply other threads:[~2022-09-02 9:03 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-02 8:26 Piviul [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-09-05 10:27 Kalpesh Sejpal
2022-09-08 9:58 ` Piviul
2022-09-02 7:23 Piviul
[not found] ` <mailman.49.1662383601.354.pve-user@lists.proxmox.com>
2022-09-07 4:33 ` Piviul
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5f271b1a-1a38-9861-f390-afb80ad29de5@riminilug.it \
--to=piviul@riminilug.it \
--cc=pve-user@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox