from:"Theodor van Nahl"

[Bug 930266] Re: Add samba4 ntp signing socket to ntpd apparmor profile

2016-02-28 Thread Theodor van Nahl

Had that exact same problem on Ubuntu 15.10.

The File /etc/apparmor.d/usr.sbin.ntpd contains the following line:

  # samba4 ntp signing socket
  /{,var/}run/samba/ntp_signd/socket rw,


But the line should be

/var/lib/samba/ntp_signd/socket rw,

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/930266

Title:
  Add samba4 ntp signing socket to ntpd apparmor profile

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/930266/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1004606] Re: virsh create-snapshot fails to create external snapshot (blockdev-snapshot-sync fails in json monitor)

2013-05-31 Thread Theodor van Nahl

In the /etc/apparmor.d/local/usr.sbin.libvirtd file I just created one
rule to give libvirtd read'n'write access to the images in my storage
pool with the following line:

/var/lib/libvirt/images/*.img rw,

As preliminary: I have created my own naming convention for my overlays,
these are used for incremental backups to another server. This
convention can be found in my abstractation and has to be adjusted to
your own needs.

First of all I've created my own abstraction as /etc/apparmor.d/local
/abstraction-libvirt-storage. This file gives the clients access to the
important images like that:

/var/lib/libvirt/images/*.base.imgrw,
/var/lib/libvirt/images/*.base.imgrw,
/var/lib/libvirt/images/*.stable_overlay.img  rw,
/var/lib/libvirt/images/*.running.img rw,

The /etc/apparmor.d/libvirt/TEMPLATE file is a source for all rule files
in /etc/apparmor.d/libvirt/. There you need to source the abstraction-
libvirt-storage so the TEMPLATE looks similar to this one (adjust to
your own needs):

profile LIBVIRT_TEMPLATE {
  #include abstractions/libvirt-qemu
  #include local/abstractation-libvirt-storage
}

It is also possible to put the information of the abstraction-libvirt-
storage file directly into the TEMPLATE but a change on some of the
rules would require to edit multiple files ( /etc/apparmor.d/libvirt/*)

I hope this will help. This adjustments should be fine for safety
requirement, because the host should still be secured against guests and
thats the only thing you can do with libvirt+apparmor.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to qemu-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1004606

Title:
  virsh create-snapshot fails to create external snapshot (blockdev-
  snapshot-sync fails in json monitor)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1004606/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1004606] Re: virsh create-snapshot fails to create external snapshot (blockdev-snapshot-sync fails in json monitor)

2013-05-20 Thread Theodor van Nahl

I found a that looks better than deactivating apparmor.

I found here ( http://libvirt.org/drvqemu.html#securitysvirtaa ) the
information that Apparmor is „just“ used for protecting the vm host and
that there is a TEMPLATE under /etc/apparmor.d/libvirt/ that can be
modified. In that TEMPLATE I included one of my own rules and under
/etc/apparmor.d/local/usr.sbin.libvirtd i added a similar rule.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to qemu-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1004606

Title:
  virsh create-snapshot fails to create external snapshot (blockdev-
  snapshot-sync fails in json monitor)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1004606/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1004606] Re: virsh create-snapshot fails to create external snapshot (blockdev-snapshot-sync fails in json monitor)

2013-05-17 Thread Theodor van Nahl

Is there any bugfix in sight or work around known except for disabling
apparmor?

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to qemu-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1004606

Title:
  virsh create-snapshot fails to create external snapshot (blockdev-
  snapshot-sync fails in json monitor)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1004606/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 930266] Re: Add samba4 ntp signing socket to ntpd apparmor profile

[Bug 1004606] Re: virsh create-snapshot fails to create external snapshot (blockdev-snapshot-sync fails in json monitor)

[Bug 1004606] Re: virsh create-snapshot fails to create external snapshot (blockdev-snapshot-sync fails in json monitor)

[Bug 1004606] Re: virsh create-snapshot fails to create external snapshot (blockdev-snapshot-sync fails in json monitor)

4 matches

Site Navigation

Mail list logo

Footer information