Errors on host like:
mar 04 15:17:01 xxx audit[1913824]: AVC apparmor="DENIED" operation="file_lock" profile="lxc-logs_</var/lib/lxc>" pid=1913824 comm="(l-remote)" family="unix" sock_type="dgram" protocol=0 requested_mask="send"
mar 04 15:17:01 xxx audit[1913824]: AVC apparmor="DENIED" operation="file_lock" profile="lxc-logs_</var/lib/lxc>" pid=1913824 comm="(l-remote)" family="unix" sock_type="dgram" protocol=0 requested_mask="send"
And inside container:
Mar 04 16:37:54 lxc (ostnamed)[129]: systemd-hostnamed.service: Failed to set up network namespacing: Permission denied
Mar 04 16:37:54 lxc (ostnamed)[129]: systemd-hostnamed.service: Failed at step NETWORK spawning /lib/systemd/systemd-hostnamed: Permission denied
Set PrivateNetwork
to no
:
systemctl edit systemd-hostnamed
Add lines:
[Service]
PrivateNetwork=no
Due to too much constraints probably ...
Switch off namespace for logs in problematic service:
systemctl edit name-of-service
Add lines:
[Service]
LogNamespace=