How to give permissions to a service?

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

I have a ubuntu installation running Docker on a proxmox hypervisor. When I try to run docker-compose start, the containers fail with the following error:

Cannot start service: AppArmor enabled on system but the docker-default profile could not be loaded: running /sbin/apparmor_parser apparmor_parser -Kr /var/lib/docker/tmp/docker-default795966144 failed with output: apparmor_parser: Unable to replace “docker-default”. Permission denied; attempted to load a profile while confined?

Running systemctl status apparmor gives the following message:

apparmor.service – AppArmor initialization
Loaded: loaded (/lib/systemd/system/apparmor.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sun 2020-09-13 01:53:58 UTC; 3h 15min ago
Docs: man:apparmor(7)
http://wiki.apparmor.net/
Process: 624 ExecStart=/etc/init.d/apparmor start (code=exited, status=123)
Main PID: 624 (code=exited, status=123)

Sep 13 01:53:58 DockerLXC apparmor[624]: Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
Sep 13 01:53:58 DockerLXC apparmor[624]: Error: Could not replace profile /etc/apparmor.d/cache/sbin.dhclient: Permission denied
Sep 13 01:53:58 DockerLXC apparmor[624]: Error: Could not replace profile /etc/apparmor.d/cache/usr.sbin.tcpdump: Permission denied
Sep 13 01:53:58 DockerLXC apparmor[624]: /sbin/apparmor_parser: Unable to replace “/usr/bin/man”. Permission denied; attempted to load a profile while confined?
Sep 13 01:53:58 DockerLXC apparmor[624]: /sbin/apparmor_parser: Unable to replace “/usr/sbin/tcpdump”. Permission denied; attempted to load a profile while confined?
Sep 13 01:53:58 DockerLXC apparmor[624]: /sbin/apparmor_parser: Unable to replace “/sbin/dhclient”. Permission denied; attempted to load a profile while confined?
Sep 13 01:53:58 DockerLXC apparmor[624]: …fail!
Sep 13 01:53:58 DockerLXC systemd[1]: apparmor.service: Main process exited, code=exited, status=123/n/a
Sep 13 01:53:58 DockerLXC systemd[1]: apparmor.service: Failed with result ‘exit-code’.
Sep 13 01:53:58 DockerLXC systemd[1]: Failed to start AppArmor initialization.

It seems that AppArmor does not have the necessary permissions to start, so how can I allow AppArmor the permission it requires?

X ITM Cloud News

Marisa

Leave a Reply

Next Post

VNC login to Ubuntu Server 18.04.5LTS running Lightdm presents a blank desktop

Sun Sep 13 , 2020
Spread the love          Running a headless Ubuntu Server (…server) 18.04.5 LTS setup. Installed the lightdm package and x11vnc. When I connect with vnc viewer, all goes smoothy – vnc credentials accepted, and I am presented with your standard ubuntu login screen (you can see the tool bar at the top, and […]
X- ITM

Cloud Computing – Consultancy – Development – Hosting – APIs – Legacy Systems

X-ITM Technology helps our customers across the entire enterprise technology stack with differentiated industry solutions. We modernize IT, optimize data architectures, and make everything secure, scalable and orchestrated across public, private and hybrid clouds.

This image has an empty alt attribute; its file name is x-itmdc.jpg

The enterprise technology stack includes ITO; Cloud and Security Services; Applications and Industry IP; Data, Analytics and Engineering Services; and Advisory.

Watch an animation of  X-ITM‘s Enterprise Technology Stack

We combine years of experience running mission-critical systems with the latest digital innovations to deliver better business outcomes and new levels of performance, competitiveness and experiences for our customers and their stakeholders.

X-ITM invests in three key drivers of growth: People, Customers and Operational Execution.

The company’s global scale, talent and innovation platforms serve 6,000 private and public-sector clients in 70 countries.

X-ITM’s extensive partner network helps drive collaboration and leverage technology independence. The company has established more than 200 industry-leading global Partner Network relationships, including 15 strategic partners: Amazon Web Services, AT&T, Dell Technologies, Google Cloud, HCL, HP, HPE, IBM, Micro Focus, Microsoft, Oracle, PwC, SAP, ServiceNow and VMware

.

X ITM