This recently came up on the libvirt mailing list: https://www.redhat.com/archives/libvir-list/2010-September/msg00406.html
It appears that libvirt is aa_change_profile()ing before the DAC security driver can do its business. It seems that the ordering of the stacked security driver is wrong and that DAC driver should (always) go first, then the MAC (eg AppApparmor/SELinux) should come after. Before we push something to Lucid, I'd like to see upstream consensus on the fix (especially since we may want to change Maverick). -- setgid, setuid needed by /etc/apparmor.d/abstractions/libvirt-qemu https://bugs.launchpad.net/bugs/579584 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in ubuntu. -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
