I am trying to kill containers I launched through docker-compose. Either by gracefully stopping (Ctrl+C) or by docker-compose down I encounter the following error:
ERROR: for <container-name> cannot stop container: b60c1c4d886899504b...2a022e4d39429dc6ca6e4784afdd: Cannot kill container b60c1c4d886899504b...2a022e4d39429dc6ca6e4784afdd: unknown error after kill: runc did not terminate sucessfully: container_linux.go:388: signaling init process caused "permission denied"
: unknown
I am just looking for the answer WHY. I am trying to understand AppArmor better but understanding WHY I can't stop the containers before everything would help to understand what's going on.
I see that this is an error many people come across. 1 2 3 4
However, most of the answers suggest workarounds and no solutions. Even the explanatory answers like 1 dive directly into AppArmor and profiles. From docker documentation I see docker has a default AppArmor policy docker-default. I partly understand the concept but still don't get WHY I can't stop the containers through the user and the environment I've started them in.
If I try to wrap my questions:
- I started some containers as a user, WHY can't I stop them.
sudodoes not work either. Who can stop them then? - Do I need an AppArmor profile for each container?
- I don't feel it's a good idea to restart AppArmor or disable it. Should I do that? What is the ideal solution?
Any feedback or explanations welcome. Thanks.
