Hi,
I chenged template parameter configuration to LXD_SECURITY_NESTING=“yes”
when I deployed New VM this parameter set to new VM and my problem has fixed but VMS that used to be this template parameter does not work for VMS that were created before this change
netemplate show 4
TEMPLATE 4 INFORMATION
ID : 4
NAME : ubuntu_xenial - LXD
USER : oneadmin
GROUP : oneadmin
LOCK : None
REGISTER TIME : 03/09 18:06:51
PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---
TEMPLATE CONTENTS
CONTEXT=[
NETWORK="YES",
PASSWORD="$PASSWORD",
SET_HOSTNAME="$SET_HOSTNAME",
SSH_PUBLIC_KEY="$USER[SSH_PUBLIC_KEY]",
USERNAME="$USERNAME" ]
CPU="2"
DISK=[
IMAGE_ID="5" ]
GRAPHICS=[
LISTEN="0.0.0.0",
TYPE="VNC" ]
HYPERVISOR="lxd"
INPUTS_ORDER="PASSWORD,USERNAME,SET_HOSTNAME"
LXD_PROFILE=""
**LXD_SECURITY_NESTING="yes"**
LXD_SECURITY_PRIVILEGED="yes"
MEMORY="4096"
MEMORY_UNIT_COST="MB"
OS=[
BOOT="" ]
USER_INPUTS=[
PASSWORD="M|text|PASSWORD",
SET_HOSTNAME="M|text|HOSTNAME",
USERNAME="M|text|USERNAME" ]
VCPU="2"
also when I am running onevm updateconf $VMID both VMS are the same config and this parameter not be set at this VMconf ,
$dmesg
[511773.459614] audit: type=1400 audit(1589090167.685:681): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-one-178_</var/lib/lxd>" name="/" pid=3518244 comm="(ostnamed)" flags="rw, rslave"
[511809.524025] audit: type=1400 audit(1589090203.749:682): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-one-178_</var/lib/lxd>" name="/" pid=3519527 comm="exe" flags="rw, rslave"
[512328.225907] audit: type=1400 audit(1589090722.449:683): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" label="lxd-one-196_</var/lib/lxd>//&:lxd-one-196_<var-lib-lxd>:unconfined" name="/usr/sbin/tcpdump" pid=3546394 comm="apparmor_parser"
Does anyone know where I need to change?