I don't think that's a wise approach. It's like refusing to get your oil changed because you're worried about a check engine line.
The fix for this is literally less than 10sec.
should not have to apply manual fixes after an update
I don't think that's a wise approach. It's like refusing to get your oil changed because you're worried about a check engine line.
The fix for this is literally less than 10sec.
should not have to apply manual fixes after an update
No change
Error on Firefox : PR_END_OF_FILE_ERROR when accessing qbittorrent WebUI.
The grub fix just changes an apparmour boot option and the docker reinstall is just so docker is configured for that option.
When I did the patch on my system, I did notice that some containers were still not running right so I had to re-create them. If you are using portainer, the easiest way is to just hit the re-create button on the setting page for each container. You will not loose anything, the container will just get rebuilt.
should not have to apply manual fixes after an update
So you expect Volker to maintain docker in addition to OMV?
should not have to apply manual fixes after an update
Never had a Windows update go bad? This was caused by docker not OMV. Some things are out of our hands.
Never had a Windows update go bad?
Zing.. lol
For anyone following, if you can keep your finger off the update button it looks like a fix on the docker side is in the works:
ZitatFYI, this was discussed in today's maintainer call and a revert to the apparmor startup logic is being fast-tracked for a 23.0.1 release: #44902 (comment)
For anyone following, if you can keep your finger off the update button it looks like a fix on the docker side is in the works:
That’s good to hear.
For those of us that installed the grub patch, it should be easy to reverse by just removing the apparmor flag file that ryecoaaron ’s instructions created and then updating grub again. Those that installed apparmor and apparmor-utils should be able to just uninstall them.
it looks like a fix on the docker side is in the works:
If you read the docker issue, it doesn't seem like Docker agrees with the moby dev. The docker folks seem to think apparmor should be installed. So, I don't see any fix that will help OMV coming. We are still at disable apparmor at the OS level or install apparmor for options. As the moby dev mentions, installing apparmor can be problematic. I am still recommending that apparmor be disabled at the OS level. If OMV 7 has apparmor enabled by default, I think this will be less of an issue.
I have applied the grub fix, and I still get the apparmor error when starting the docker containers.
I have tried multiple times, and tried uninstalling and re-installing docker.
ZitatError response from daemon: AppArmor enabled on system but the docker-default profile could not be loaded: running `apparmor_parser apparmor_parser --version` failed with output:
error: exec: "apparmor_parser": executable file not found in $PATH
EDIT:
docker info still shows apparmor under Security Options as well.
I have applied the grub fix, and I still get the apparmor error when starting the docker containers.
I have tried multiple times, and tried uninstalling and re-installing docker.
EDIT:
docker info still shows apparmor under Security Options as well.
ryecoaaron can correct me if I’m wrong, but this is the way I understand it.
If you install from the OMV iso, apparmor is not installed, so his grub fix is just disabling a boot flag the docker is looking at and thinking apparmor is installed, but since it’s not docker has a problem.
If you used a Debian minimal net install and the omv install script, apparmor is installed by Debian, but apparmor-utils is not, and it is apparmor-utils that, once installed, corrects the issue.
You need to apply the correct fix based on how you installed.
You can correct me, but since you are seeing apparmor as installed, you probably installed via the Debian net install and omv script, and as such you should probably undo the grub patch and install apparmor-utils
Alles anzeigenryecoaaron can correct me if I’m wrong, but this is the way I understand it.
If you install from the OMV iso, apparmor is not installed, so his grub fix is just disabling a boot flag the docker is looking at and thinking apparmor is installed, but since it’s not docker has a problem.
If you used a Debian minimal net install and the omv install script, apparmor is installed by Debian, but apparmor-utils is not, and it is apparmor-utils that, once installed, corrects the issue.
You need to apply the correct fix based on how you installed.
You can correct me, but since you are seeing apparmor as installed, you probably installed via the Debian net install and omv script, and as such you should probably undo the grub patch and install apparmor-utils
I installed OMV 5 from ISO, and did a manual upgrade to 6.
I also remember having issues (don't remember what it was) and had to re-run the omv script, so not sure if that is the same thing.
EDIT:
apparmor is not installed if that means anything.
ZitatServer Version: 20.10.23
Security Options:
apparmor
Zitatii libapparmor1:amd64 2.13.6-10 amd64 changehat AppArmor library
I originally installed OMV 5 and upgraded to OMV 6 when it was released. Seems to me the old docker (v20) also thought I had apparmor installed. Guess we will see if switching logic from 23 to 20 in the new PR will "fix" this. I have held off from updating because of this shenanigans.
I installed OMV 5 from ISO, and did a manual upgrade to 6.
I also remember having issues (don't remember what it was) and had to re-run the omv script, so not sure if that is the same thing.
EDIT:
apparmor is not installed if that means anything.
Alles anzeigenryecoaaron can correct me if I’m wrong, but this is the way I understand it.
If you install from the OMV iso, apparmor is not installed, so his grub fix is just disabling a boot flag the docker is looking at and thinking apparmor is installed, but since it’s not docker has a problem.
If you used a Debian minimal net install and the omv install script, apparmor is installed by Debian, but apparmor-utils is not, and it is apparmor-utils that, once installed, corrects the issue.
You need to apply the correct fix based on how you installed.
You can correct me, but since you are seeing apparmor as installed, you probably installed via the Debian net install and omv script, and as such you should probably undo the grub patch and install apparmor-utils
If I check "cat /proc/cmdline" it shows the follwoing, so the grub workaround does not seem to be working for me, any idea why?
Zitatcat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-5.10.0-0.bpo.15-amd64 root=UUID=418335aa-4d5a-495e-82f0-99c7d8040645 ro quiet
Are you on OMV 5? While it should work for that version, I didn't test.
Are you on OMV 5? While it should work for that version, I didn't test.
No. I originally installed 5 from iso, I upgraded to 6 manually.
I suspect the manual upgrade from OMV5, which if I recall correctly call for a do-release-upgrade may have actually installed apparmor, so the other fix may be the one that is needed.
Personally, I have never really trusted the upgrade paths and have always installed fresh for major versions.
I suspect the manual upgrade from OMV5, which if I recall correctly call for a do-release-upgrade may have actually installed apparmor, so the other fix may be the one that is needed.
omv-release-upgrade from 4 to 5 to 6 on one of my machines didn't install apparmor.
No. I originally installed 5 from iso, I upgraded to 6 manually.
Post the output of the following:
dpkg -l | grep -E "grub|apparmor|linux-image"
cat /etc/default/grub
cat /etc/default/grub.d/apparmor.cfg
sudo update-grub
Personally, I have never really trusted the upgrade paths and have always installed fresh for major versions.
I have never had an upgrade that I couldn't fix IF omv-release-upgrade failed.
Alles anzeigenomv-release-upgrade from 4 to 5 to 6 on one of my machines didn't install apparmor.
Post the output of the following:
dpkg -l | grep -E "grub|apparmor|linux-image"
cat /etc/default/grub
cat /etc/default/grub.d/apparmor.cfg
sudo update-grub
dpkg -l | grep -E "grub|apparmor|linux-image"
ii grub-common 2.06-3~deb11u5 amd64 GRand Unified Bootloader (common files)
ii grub-legacy 0.97-77 amd64 GRand Unified Bootloader (Legacy version)
rc grub-pc 2.06-3~deb10u3 amd64 GRand Unified Bootloader, version 2 (PC/BIOS version)
ii grub-pc-bin 2.06-3~deb11u5 amd64 GRand Unified Bootloader, version 2 (PC/BIOS modules)
rc grub2-common 2.06-3~deb10u3 amd64 GRand Unified Bootloader (common files for version 2)
ii libapparmor1:amd64 2.13.6-10 amd64 changehat AppArmor library
ii linux-image-5.10.0-0.bpo.15-amd64 5.10.120-1~bpo10+1 amd64 Linux 5.10 for 64-bit PCs (signed)
rc linux-image-5.10.0-0.deb10.16-amd64 5.10.127-2~bpo10+1 amd64 Linux 5.10 for 64-bit PCs (signed)
cat /etc/default/grub
# If you change this file, run 'update-grub' afterwards to update
# /boot/grub/grub.cfg.
# For full documentation of the options in this file, see:
# info -f grub -n 'Simple configuration'
GRUB_DEFAULT=4
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX=""
# Uncomment to enable BadRAM filtering, modify to suit your needs
# This works with Linux (no patch required) and with any kernel that obtains
# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"
# Uncomment to disable graphical terminal (grub-pc only)
#GRUB_TERMINAL=console
# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
#GRUB_GFXMODE=640x480
# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
#GRUB_DISABLE_LINUX_UUID=true
# Uncomment to disable generation of recovery mode menu entries
#GRUB_DISABLE_RECOVERY="true"
# Uncomment to get a beep at grub start
#GRUB_INIT_TUNE="480 440 1"
GRUB_DISABLE_SUBMENU=y
Alles anzeigen
cat /etc/default/grub.d/apparmor.cfg
sudo update-grub
Searching for GRUB installation directory ... found: /boot/grub
WARNING: tempfile is deprecated; consider using mktemp instead.
Searching for default file ... found: /boot/grub/default
Testing for an existing GRUB menu.lst file ... found: /boot/grub/menu.lst
WARNING: tempfile is deprecated; consider using mktemp instead.
Searching for splash image ... none found, skipping ...
Found kernel: /boot/vmlinuz-5.10.0-0.bpo.15-amd64
Found kernel: /boot/vmlinuz-5.10.0-0.bpo.5-amd64
Updating /boot/grub/menu.lst ... done
It doesn't help that your system still is running the backports Debian 10/OMV 5.x kernel but I would try moving apparmor=0 to the GRUB_CMDLINE_LINUX_DEFAULT="quiet" line in /etc/default/grub and run sudo update-grub again.
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!