Public bug reported:
Attempting to use libvirt to start a VM on arm64 with the installed path
of the qemu-efi package fails
$ /usr/lib/libvirt/virt-aa-helper -c -u
libvirt-b9da2c01-cbd0-4ede-a026-f9f35ff5e9ba < template.xml
virt-aa-helper: error: /usr/share/qemu-efi/QEMU_EFI.fd
virt-aa-helper: error: skipped restricted file
virt-aa-helper: error: invalid VM definition
This is because /usr/share/ is a restricted path in virt-aa-helper.c and
an exception isn't made in restricted_rw for /usr/share/qemu-efi like it
is for other firmware images like /usr/share/ovmf/
Also, although I haven't directly run into it
/etc/apparmor.d/abstractions/libvirt-qemu should probably have entries for
aarch64 as well to match the x86 counterparts:
/usr/lib/aarch64-linux-gnu/qemu/block-curl.so rm,
/usr/lib/aarch64-linux-gnu/qemu/block-rbd.so rm,
** Affects: libvirt (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in Ubuntu.
https://bugs.launchpad.net/bugs/1538882
Title:
virt-aa-helper restricts arm64 QEMU_EFI.fd binary
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1538882/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
