Page 1 of 1

LXC+Grsec+Socket Denied connect out of ...

PostPosted: Sun Jun 08, 2014 3:58 pm
by bryn1u
Hey,

I've installed Ubuntu 14.04 Server, compiled kernel linux-3.14.5 with Grsecurity patch 3.0-3.14.5-test and after all i want to try use apt-get from inside lxc but i cant. Only get some errors as below:
apt-get update
Code: Select all
rr http://archive.ubuntu.com trusty InRelease
 
Err http://archive.ubuntu.com trusty-updates InRelease
 
Err http://security.ubuntu.com trusty-security InRelease
 
Err http://archive.ubuntu.com trusty Release.gpg
  Could not resolve 'archive.ubuntu.com'
Err http://archive.ubuntu.com trusty-updates Release.gpg
  Could not resolve 'archive.ubuntu.com'
Err http://security.ubuntu.com trusty-security Release.gpg
  Could not resolve 'security.ubuntu.com'
Reading package lists... Done
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/InRelease 

W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/InRelease 

W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/trusty-security/InRelease 

W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/Release.gpg  Could not resolve 'archive.ubuntu.com'

W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/Release.gpg  Could not resolve 'archive.ubuntu.com'

W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/trusty-security/Release.gpg  Could not resolve 'security.ubuntu.com'

W: Some index files failed to download. They have been ignored, or old ones used instead.


sysctl.conf host
Code: Select all
kernel.grsecurity.chroot_caps = 0
kernel.grsecurity.chroot_deny_chmod = 0
kernel.grsecurity.chroot_deny_pivot = 0
kernel.grsecurity.chroot_deny_chroot = 0
kernel.grsecurity.chroot_deny_mount = 0
kernel.grsecurity.chroot_deny_unix = 0


Someone can tell me what's wrong ? When i use vanilla kernel or ubuntu's production kernel works well !