Subject: Rare project developers
List archive
- From: mc36 <>
- To: David Schmitz <>
- Cc:
- Subject: Re: [rare-dev] netconf
- Date: Wed, 15 Feb 2023 09:16:20 +0100
hi,
so it's an isolated (throwaway) vm, feel free to break it's apparmor...
tbh i heard apparmor word before, but it's also a black hole in my
knowledge... :(
i'm much better when it comes to networking, i swear :)
br,
cs
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$ dpkg -l | grep apparmor
rc apparmor 2.13.6-10
amd64 user-space parser utility for AppArmor
ii libapparmor1:amd64 2.13.6-10
amd64 changehat AppArmor library
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$ sudo docker run -ti --security-opt apparmor=unconfined
netconfget1 bash
Unable to find image 'netconfget1:latest' locally
docker: Error response from daemon: pull access denied for netconfget1,
repository does not exist or may require 'docker login': denied: requested
access to the resource is denied.
See 'docker run --help'.
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$
On 2/15/23 08:59, David Schmitz wrote:
Hi,
On Wed, 15 Feb 2023, mc36 wrote:
Date: Wed, 15 Feb 2023 08:38:16 +0100This seems to be some issue with your app armor installation.
From: mc36 <>
To: David Schmitz <>
Cc:
Subject: Re: [rare-dev] netconf
some progess but something is still missing:
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$ sudo docker build -f Dockerfiles.d/Dockerfile.fod_netconf_get
-t netconfget1 .
Sending build context to Docker daemon 557.3MB
Step 1/16 : FROM debian:bullseye
bullseye: Pulling from library/debian
1e4aec178e08: Pull complete
Digest:
sha256:43ef0c6c3585d5b406caa7a0f232ff5a19c1402aeb415f68bcd1cf9d10180af8
Status: Downloaded newer image for debian:bullseye
---> 54e726b437fb
Step 2/16 : ENV LC_ALL en_US.utf8
---> Running in 323415a94986
Removing intermediate container 323415a94986
---> ae17a98ae329
Step 3/16 : RUN apt-get -yy update
---> Running in 1931bbbc04b8
AppArmor enabled on system but the docker-default profile could not be
loaded: running `apparmor_parser apparmor_parser --version` failed with
output:
error: exec: "apparmor_parser": executable file not found in $PATH
You could either try to fix it,
maybe by (re-)installing apparmor or so.
But, for now, and not to break anything on your side,
just try to explicitly disable the use of apparmor by docker run
with "--security-opt apparmor=unconfined" :
docker run -ti --security-opt apparmor=unconfined netconfget1 bash
(the container will still be isolated regarding filesystem, processes,
network, etc. (i.e., regarding what is visible inside it),
just not being further restricted by app armor mandatory acces rules
when accessing what is visible inside it (files, sockets, etc.))
Best Regards
David
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED
SIZE
<none> <none> ae17a98ae329 21 seconds ago 124MB
debian bullseye 54e726b437fb 6 days ago 124MB
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$ sudo docker run -ti -e=NETCONF_HOST=10.10.10.227
-e=NETCONF_PORT=830 -e=NETCONF_USER=netconf -e=NETCONF_PASS=netconf
netconfget1
Unable to find image 'netconfget1:latest' locally
docker: Error response from daemon: pull access denied for netconfget1,
repository does not exist or may require 'docker login': denied: requested
access to the resource is denied.
See 'docker run --help'.
mc36@fod:~/FOD$
mc36@fod:~/FOD$
mc36@fod:~/FOD$
- Re: [rare-dev] netconf, (continued)
- Re: [rare-dev] netconf, mc36, 02/14/2023
- Re: [rare-dev] netconf, David Schmitz, 02/14/2023
- Re: [rare-dev] netconf, mc36, 02/14/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, mc36, 02/15/2023
- Re: [rare-dev] netconf, David Schmitz, 02/15/2023
Archive powered by MHonArc 2.6.19.