I’m able to run an ubuntu:22.04 VM and interact with it via SSH, text console, and lxc exec
commands. However, when I use --type=vga
for the console, I only see the boot screen and never get a TTY -
#lxc config show guitest
architecture: x86_64
config:
image.architecture: amd64
image.description: ubuntu 22.04 LTS amd64 (release) (20231211)
image.label: release
image.os: ubuntu
image.release: jammy
image.serial: "20231211"
image.type: disk-kvm.img
image.version: "22.04"
volatile.base_image: ef4f41567512606b4a8f6589aad098f43a033381747a80b50e3655b01549e288
volatile.cloud-init.instance-id: 0ac4466e-e135-4ee9-8522-c3ab33c3399b
volatile.eth0.host_name: tap029281b5
volatile.eth0.hwaddr: 00:16:3e:92:15:cf
volatile.last_state.power: RUNNING
volatile.last_state.ready: "false"
volatile.uuid: 3bc7e3fe-1eaf-4375-a029-e29670c79080
volatile.uuid.generation: 3bc7e3fe-1eaf-4375-a029-e29670c79080
volatile.vsock_id: "1821641778"
devices: {}
ephemeral: false
profiles:
- default
stateful: false
description: ""
I am running LXD via snap on Pop!OS 22.04. I am getting some apparmor DENIED logs for /etc/os-release
as it is symlinked to a non common directory that hasn’t been allowed -
audit[94776]: AVC apparmor="DENIED" operation="open" class="file" profile="snap.lxd.lxc" name="/var/lib/snapd/hostfs/etc/pop-os/os-release" pid=94776 comm="snap-exec" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
audit[94776]: AVC apparmor="DENIED" operation="open" class="file" profile="/snap/snapd/20671/usr/lib/snapd/snap-confine" name="/etc/pop-os/os-release" pid=94776 comm="snap-confine" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
I’ve searched but haven’t found any conclusive answers, and any changes I’ve attempted in apparmor policies have yielded any fruit. I am not a very experienced apparmor user either, so that doesn’t say much.