** Changed in: libvirt (Debian)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962035
Title:
apparmor blocks VM installation when automatic UEFI firmware is
Migrated and I've not yet seen the world explode :-)
Thank you all!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962035
Title:
apparmor blocks VM installation when automatic UEFI firmware is set
This bug was fixed in the package libvirt - 8.0.0-1ubuntu5
---
libvirt (8.0.0-1ubuntu5) jammy; urgency=medium
* apparmor: Fix QEMU access for UEFI variable files. Backported from
upstream master commit 7aec69b7fb9d0c. (Closes: #1006324, LP: #1962035)
Refresh
I did a test build in my PPA:
https://launchpad.net/~pitti/+archive/ubuntu/fixes
I re-ran the reproducer on current Jammy to confirm the bug, then
updated to the PPA, and re-ran the last virt-install command. That
succeeded.
** Changed in: libvirt (Ubuntu)
Status: Triaged => Fix Committed
I sent https://salsa.debian.org/libvirt-
team/libvirt/-/merge_requests/135 to update Debian. Unfortunately that
does not build right now due to the inconsistent state of the packaging
git. But the patch itself backports fairly cleanly.
I'll upload to Jammy next.
--
You received this bug
Fix landed upstream:
https://gitlab.com/libvirt/libvirt/-/commit/7aec69b7fb9d0cfe8b7203473764c205b28d2905
** Changed in: libvirt
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I did the upstream merge, would you prepare a libvirt upload or should
I?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962035
Title:
apparmor blocks VM installation when automatic UEFI firmware
Yes that approach should be fine and I want it in Jammy as well.
We no more sync from Debian, so as soon as it is upstream committed we can
consider adding it here.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I just approved it upstream, if no one else merges it let me know and I
can give it another look.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962035
Title:
apparmor blocks VM installation when
Thanks Christian. I updated the upstream PR. I just don't want to apply
a patch just to Ubuntu. Once it lands upstream, I backport it, send it
to Debian, and *then* I'm happy to apply it to Jammy -- there should
still be enough time before the freeze, right? (Would be nice to have
that in the LTS,
I finally had more than 20 seconds to look at this, commented in the
upstream PR with a line that would be great to be added to match one
common case that I think isn't covered yet.
** Changed in: libvirt (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because
Thank you Martin and Katerina, for discussing it here and for driving it
upstream.
I'm on a sprint this week and I know Martin "could" do all of this on his own.
For now I tagged it so I can revisit the case more easily, if you need our help
later to land it in Jammy let us know.
--
You
** Tags added: server-todo
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962035
Title:
apparmor blocks VM installation when automatic UEFI firmware is set
To manage notifications about this bug
** Changed in: libvirt (Debian)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962035
Title:
apparmor blocks VM installation when automatic UEFI firmware is set
To
** Changed in: libvirt
Status: New => In Progress
** Changed in: libvirt
Assignee: (unassigned) => Martin Pitt (pitti)
** Package changed: apparmor (Debian) => libvirt (Debian)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
I sent the proposed and tested fix upstream:
https://gitlab.com/libvirt/libvirt/-/merge_requests/140
** Also affects: libvirt
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I came up with this patch:
--- /etc/apparmor.d/abstractions/libvirt-qemu.orig 2022-01-22
18:22:57.0 +
+++ /etc/apparmor.d/abstractions/libvirt-qemu 2022-02-25 13:54:22.075405809
+
@@ -85,7 +85,7 @@
/usr/share/misc/sgabios.bin r,
/usr/share/openbios/** r,
/etc/apparmor.d/abstractions/libvirt-qemu is shipped by libvirt-daemon-
system, reassigning. I can reproduce this, and I'll attempt to work on a
fix. I'll update the Debian bug as well.
Complete copy reproducer:
virt-install --connect qemu:///system --quiet --os-variant fedora28 --memory
128
** Changed in: apparmor (Debian)
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962035
Title:
apparmor blocks VM installation when automatic UEFI firmware is set
To
** Bug watch added: Debian Bug tracker #1006324
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006324
** Also affects: apparmor (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006324
Importance: Unknown
Status: Unknown
--
You received this bug notification
20 matches
Mail list logo
