[Bug 470636] Re: AppArmor security driver does not support backingstore

2010-10-08 Thread Jamie Strandboge
Actually, it supports backing stores just fine in both Lucid and
Maverick (I use them all the time) for both storage pools and backed
qemu disks (I use them all the time) and the issue you are seeing is a
result of an upstream libvirt security fix, and not the AppArmor
security driver.

What changed in maverick is that libvirt 0.8.3 won't automatically probe
for the disk format (doing so causes various security problems), and
therefore the backing store, unless the disk format is specified in the
XML. Unfortunately this is not the case for virtinst, vmbuilder and any
home-brewed scripts when using non-raw disk formats (raw is the
default). See bug #656173 comment #7 for more details. I plan to fix
virtinst in an SRU (bug #655392) as well as vmbuilder.

-- 
AppArmor security driver does not support backingstore
https://bugs.launchpad.net/bugs/470636
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs


[Bug 470636] Re: AppArmor security driver does not support backingstore

2010-10-08 Thread Jamin W. Collins
You are indeed correct that specifying the format of the disk image file
corrected the issue.  However, this is also a fairly large regression
over previous functionality.  Configurations that worked flawlessly
under lucid will now break under maverick.  Additionally, the reason for
the breakage will not be clear.  There aren't any error messages
reported, at least none that I could find, that would guide the user to
what the problem actually is.



[Bug 470636] Re: AppArmor security driver does not support backingstore

2010-10-07 Thread Jamin W. Collins
This is still an issue in Maverick.



[Bug 470636] Re: AppArmor security driver does not support backingstore

2010-04-08 Thread Steve Langasek
libvirt 0.7.5-5ubuntu21 is accepted into lucid, but some of the
intermediate versions were bounced out of the queue for simplicity's
sake - so this didn't get autoclosed.  Changelog entry:

libvirt (0.7.5-5ubuntu18) lucid; urgency=low

  * handle SDL graphics (LP: #545426). This can be dropped in 0.7.8
    - 9019-apparmor-fix-xauth.patch: adjust virt-aa-helper to handle SDL
      graphics, specifically Xauthority. Also remove a couple redundant
      checks.
    - debian/apparmor/libvirt-qemu: add comment about /dev/fb*
  * handle backingstore (LP: #470636). This can be dropped in 0.7.8
    - debian/patches/9020-apparmor-fix-backingstore.patch: adjust
      virt-aa-helper to handle disks with backing stores
    - debian/apparmor/usr.lib.libvirt.virt-aa-helper: allow access to
      user-tmp, non-hidden files in @{HOME} and storage pools
 -- Jamie Strandboge ja...@ubuntu.com  Mon, 05 Apr 2010 16:56:25 -0500


** Changed in: libvirt (Ubuntu Lucid)
   Status: Fix Committed => Fix Released



[Bug 470636] Re: AppArmor security driver does not support backingstore

2010-04-07 Thread Steve Langasek
Not respinning beta ISOs for this, so will accept immediately after
beta2.

** Changed in: libvirt (Ubuntu Lucid)
Milestone: ubuntu-10.04-beta-2 => ubuntu-10.04



[Bug 470636] Re: AppArmor security driver does not support backingstore

2010-04-05 Thread Jamie Strandboge
Uploaded 0.7.5-5ubuntu18 which fixes this. Just needs to be approved.

** Changed in: libvirt (Ubuntu Lucid)
   Status: In Progress => Fix Committed

** Changed in: libvirt (Ubuntu Lucid)
Milestone: None => ubuntu-10.04-beta-2



[Bug 470636] Re: AppArmor security driver does not support backingstore

2010-04-01 Thread Jamie Strandboge
** Changed in: libvirt (Ubuntu Lucid)
   Status: Triaged => In Progress



[Bug 470636] Re: AppArmor security driver does not support backingstore

2010-03-31 Thread Jamie Strandboge
Marking karmic task as Won't Fix as this will likely be too intrusive to
fix in Karmic's libvirt.

** Changed in: libvirt (Ubuntu Karmic)
   Status: Triaged => Won't Fix



[Bug 470636] Re: AppArmor security driver does not support backingstore

2009-12-03 Thread Stefan Metzmacher
As the base images should be readonly anyway, you can add

/path/to/images_dir/** r,



[Bug 470636] Re: AppArmor security driver does not support backingstore

2009-12-03 Thread Imre Gergely
Yeah, that could work, too. I was going with 'rw' in case one keeps ALL
the image files in one place, the base images AND the overlays. I, for
example, have /path/to/images_dir/masters for the base images, and
/path/to/images_dir for the overlays.



[Bug 470636] Re: AppArmor security driver does not support backingstore

2009-11-10 Thread Jamie Strandboge
I looked into this quite a bit, and the problem is that libvirt is
unaware of the pristine cow/snapshot that the disk file is referencing.
All that is in the machine definition is the disk entry, which points
only to the snapshot/cow, not the underlying image. I can't (and won't)
fix this because the only way to do that is to make libvirt peek into
the disk file and see what its backing store is. This would allow an
avenue for an attacker to escape the VM, or at least read/overwrite
arbitrary files on the host. If the VM is compromised, the attacker has
write access to the disk file, which could be modified to point to
another file on the disk. Simply put, libvirt should not be looking at
an attacker controlled file for determining access controls.

The support that was added in 0.6.0 that Olivier mentioned is for
'backingstore', which can be used as a part of a volume definition in
a storage pool. This also does not work right now, but I plan to fix it
for Lucid, and possibly do an SRU for Karmic if the changes aren't too
drastic (I'm hoping they won't be).

In the meantime, as a workaround, people can do one of two things:
1. modify /etc/apparmor.d/libvirt-uuid for the additional file. This will
   maintain guest isolation (i.e., one VM cannot access files of another VM).
   This also needs to be done for each VM that uses a cow/snapshot file.
2. modify /etc/apparmor.d/abstractions/libvirt-qemu to allow access to all
   files in a particular directory, and put all your backing store files in
   that directory. This breaks guest isolation (i.e., one VM can read/write to
   all of the files in this directory), but it does maintain host protection.

See /usr/share/doc/libvirt-bin/README.Debian.gz for details on the
architecture of the sVirt AppArmor driver and how to customize it for
your environment.



[Bug 470636] Re: AppArmor security driver does not support backingstore

2009-11-10 Thread Imre Gergely
If you're going with option 2., you can simply add the following line to
/etc/apparmor.d/abstractions/libvirt-qemu file's end (after the HOME
stuff)

/path/to/images_dir/** rw,

Then you can place your images for every guest in that folder or
subfolders. Tested and working on Karmic.

Note that this is not as secure as option 1., but it is a quick fix if
you're, say, on a private machine where only you have access to guests and
you're doing a lot of guest creation/destroying and you don't want to
edit the profile for every one of them by hand.
