control: severity -1 minor control: retitle -1 apparmor logs /proc/<pid>/cmdline denials on vm shutdown
Hi, On Mon, Oct 23, 2017 at 06:41:04PM +0200, Michael Biebl wrote: > Am 23.10.2017 um 18:28 schrieb Guido Günther: > > Hi, > > On Mon, Oct 23, 2017 at 06:22:10PM +0200, Michael Biebl wrote: > >> Am 23.10.2017 um 17:49 schrieb Guido Günther: > > >> This is what I get when I *shut down* a VM in virt-manager: > >> $ journalctl -f | grep DENIED > >> Okt 23 18:20:31 pluto audit[8603]: AVC apparmor="DENIED" > >> operation="open" profile="libvirt-4e5a8920-a2a1-4c6b-b7f1-528c20878cdd" > >> name="/proc/718/cmdline" pid=8603 comm="qemu-system-x86" > >> requested_mask="r" denied_mask="r" fsuid=114 ouid=0 > >> Okt 23 18:20:31 pluto kernel: audit: type=1400 audit(1508775631.299:55): > >> apparmor="DENIED" operation="open" > >> profile="libvirt-4e5a8920-a2a1-4c6b-b7f1-528c20878cdd" > >> name="/proc/718/cmdline" pid=8603 comm="qemu-system-x86" > >> requested_mask="r" denied_mask="r" fsuid=114 ouid=0 > > > > I can produce this msg on shutdown (I assumed it to be on VM start) but > > what does break? > > No idea. I don't see any immediate breakage related to those denials. Ahh...I didn't see your comment in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878203#25 and intrigeri's https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878203#30 and the bug title sounded alarming. It's harmless but should be fixed though. Cheers, -- Guido