rrect" to stop
the processes on a libvirtd stop?
[1]: http://paste.ubuntu.com/26208661/
[2]: http://paste.ubuntu.com/26208664/
P.S. I discussed this on IRC last Friday, but other than Michael
confirming the current state there was no further traction on the
discussion yet.
--
Christian Ehrhard
he
road with "policy namespaces with scope and view control + stacking"
This is more a use-case addition than a fix to the following two changes:
- 3b1d19e6 AppArmor: add rules needed with additional mediation features
- b482925c apparmor: support ptrace checks
Signed-off-
In case ipv6 is used the network inet6 permission is required for
virt-aa-helper.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 1 +
1 file changed, 1 insertion(+)
diff --git a/examples/apparmor/usr.lib.libvir
://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1729626
Christian Ehrhardt (2):
apparmor: allow qemu to read max_segments
apparmor, virt-aa-helper: allow ipv6
examples/apparmor/libvirt-qemu | 3 +++
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 1 +
2 files changed, 4
a symlink path we need to translate that for apparmor from
"/sys/dev/block/*/queue/max_segments" to
"/sys/devices/**/block/*/queue/max_segments"
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
examples/apparmor/libvirt-qemu | 3 +++
1 file
On Thu, Nov 2, 2017 at 4:34 PM, Daniel P. Berrange <berra...@redhat.com> wrote:
>
> On Thu, Nov 02, 2017 at 04:14:06PM +0100, Christian Ehrhardt wrote:
> > Ping - since there wasn't any reply so far - any best practices one could
> > share?
> >
> > Let me
is really ok and how/where is the question.
Also to +1 on bad things for today - I made this a cross post to libvirt in
case there is one that has done that in the past.
On Mon, Aug 28, 2017 at 4:36 PM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
> Hi,
> migra
following to clutter the log:
Skipping FW AAVMF32 test. Could not find /usr/share/AAVMF/AAVMF32_CODE.fd
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
tests/virt-aa-helper-test | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/virt-aa-helper-t
As follow up to [1] some smaller extensions and fixups to virt-aa-helper
and its tests.
[1]: https://www.redhat.com/archives/libvir-list/2017-October/msg01161.html
Christian Ehrhardt (2):
virt-aa-helper: apparmor wildcards to forbidden chars
virt-aa-helper-test: only fails go to stdout
Some globbing chars in the domain name could be used to break out of
apparmor rules, so lets forbid these when in virt-aa-helper.
Also adding a test to ensure all those cases were detected as bad char.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
src/security/v
On Wed, Oct 25, 2017 at 8:48 PM, Jamie Strandboge <ja...@canonical.com>
wrote:
> On Wed, 2017-09-20 at 16:59 +0200, Christian Ehrhardt wrote:
> > libvirt allows spaces in vm names, there were issues in the past but
> > it
> > seems not removed so the assum
tion might need it so allow
the access in the default apparmor profile.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
examples/apparmor/libvirt-qemu | 1 +
1 file changed, 1 insertion(+)
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-q
the domain xml.
But on attach-device a user will still trigger an apparmor deny by going
through virt-aa-helper -f, to fix that add the lock "k" permission to the
append file case of virt-aa-helper.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
src/sec
by default we
should raise the limit to 16k.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
src/logging/virtlogd.service.in | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/logging/virtlogd.service.in b/src/logging/virtlogd.service.in
y have to be tweaked in really uncommon cases.
Christian Ehrhardt (2):
Increase default file handle limits for virtlogd
Increase default file handle limits for virtlockd
src/locking/virtlockd.service.in | 4 ++--
src/logging/virtlogd.service.in | 6 --
2 files changed, 6 insertions(+), 4 del
The assumption so far was an average of 4 disks per guest.
But some architectures, like s390x, still often use plenty of smaller disks.
To include those in the considerations an assumption of an average of 10
disks is more reasonable.
Signed-off-by: Christian Ehrhardt <christian.eh
On Fri, Sep 29, 2017 at 4:58 PM, Michal Privoznik <mpriv...@redhat.com>
wrote:
> On 09/20/2017 04:59 PM, Christian Ehrhardt wrote:
> > If users only specified vendor (the common case) then parsing
> > the xml via virDomainHostdevSubsysUSBDefParseXML would only set these.
>
gards,
> Daniel
> --
> |: https://berrange.com -o-https://www.flickr.com/photos/
> dberrange :|
> |: https://libvirt.org -o-
> https://fstop138.berrange.com :|
> |: https://entangle-photo.org-o-https://www.instagram.com/
> dberrange :|
>
--
On Thu, Sep 28, 2017 at 2:05 PM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
>
>
> On Thu, Sep 28, 2017 at 12:25 AM, Eric Blake <ebl...@redhat.com> wrote:
>
>> [adding gnulib]
>>
>
> [...]
>
>>
> then libvirt needs to pi
On Thu, Sep 28, 2017 at 12:25 AM, Eric Blake <ebl...@redhat.com> wrote:
> [adding gnulib]
>
> On 09/27/2017 04:36 PM, Christian Ehrhardt wrote:
> > Hi,
> > there seems to be an incompatibility to the last glibc due to [1].
>
> Gnulib needs to be updated to track
I did an in-place replacement of gnulib to the latest from gnulib upstream
but the issue stays.
So for the time being i'd assume it is not yet solved there.
On Wed, Sep 27, 2017 at 11:36 PM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
> Hi,
>
ld not get the example to
fail without libvirt (OTOH I'm sure it would).
Therefore I'm reaching out to you for your help and experience on the build
system what could be done.
[1]: https://sourceware.org/ml/libc-alpha/2017-04/msg00115.html
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Can
Hi,
just a ping to ask if anybody could take a look to review this set of
smaller changes?
On Wed, Sep 20, 2017 at 4:59 PM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
> Hi,
> this was mostly created by clearing old libvirt bugs in Ubuntu.
> USB passthrough so
eer=unconfined,
> > > + ptrace (trace) peer=/usr/sbin/libvirtd,
> > > + ptrace (trace) peer=libvirt-*,
> > > +
> >
> > This works here too! And I can even drop the first rule (ptrace (trace)
> > peer=unconfined) and things still work (and from reading the profile and
> > Jamies explanations it should work without it). Can you check if that
> > works for you too? Otherwise:
> >
> > Reviewed-By: Guido Günther <a...@sigxcpu.org>
>
> I've pushed that patch as is since without the unconfined ptrace we're
> seeing denials with gnome-boxes and virsh.
> Cheers,
> -- Guido
>
> >
> >
> > ># Very lenient profile for libvirtd since we want to first focus on
> confining
> > ># the guests. Guests will have a very restricted profile.
> > >/ r,
> > > --
> > > 2.14.1
> > >
> >
> > --
> > libvir-list mailing list
> > libvir-list@redhat.com
> > https://www.redhat.com/mailman/listinfo/libvir-list
> >
>
> --
> libvir-list mailing list
> libvir-list@redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
using now as a workaround.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
examples/apparmor/libvirt-qemu | 3 +++
1 file changed, 3 insertions(+)
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu
index dcfb1a5..b341e31 100644
--- a/examples/
schema
should do so.
Apparmor rules are in quotes, so a space in a path based on the name works.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
src/security/virt-aa-helper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/security/virt-aa-he
To avoid any issues later on if paths ever change (unlikely but
possible) and to match the style of other generated rules the paths
of the static rules have to be quoted as well.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
src/security/virt-aa-helper.c | 6 +++
uncondtionally sets virHostdevFindUSBDevice mandatory attribute as
adding an apparmor rule for a device not found makes no sense no matter
what startup policy it has set.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
src/security/virt-aa-helper.c | 4
1 file changed, 4 insert
to that and
submit them today.
Christian Ehrhardt (4):
virt-aa-helper: fix paths for usb hostdevs
virt-aa-helper: fix libusb access to udev usb data
virt-aa-helper: allow spaces in vm names
virt-aa-helper: put static rules in quotes
examples/apparmor/libvirt-qemu | 3 +++
src/security/virt-aa-helper.c
]: http://paste.ubuntu.com/25570670/
[2]: http://paste.ubuntu.com/25570673/
[3]: http://paste.ubuntu.com/25570720/
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
t; now and have it locked already (in
> virNetDaemonAddShutdownInhibition())
>
> Signed-off-by: Michal Privoznik <mpriv...@redhat.com>
>
>
Change builds fine (on top of 3.6) and seems to fix the issue.
Survived 20 minutes in my stress loop, which it never did before.
Tested-by: Christian Ehrhardt <chri
a v2 which states so more explicitly.
On Thu, Aug 17, 2017 at 1:23 PM, Michal Privoznik <mpriv...@redhat.com>
wrote:
> On 08/17/2017 10:55 AM, Christian Ehrhardt wrote:
> > Testing qemu-2.10-rc3 shows issues like:
> > qemu-system-aarch64: -drive file=/home/ubuntu/vm-start
ck" [...]
name="/home/ubuntu/vm-start-stop/vms/7936-0_CODE.fd"
name="/var/lib/uvtool/libvirt/images/kvmguest-artful-normal.qcow"
[...] comm="qemu-system-aarch64" requested_mask="k" denied_mask="k"
The profile needs to allow locking for load
Ping - opinions on this or is it ready to be committed?
On this reply setting Guido on CC as he has experience on apparmor patches
in libvirt and commit rights.
On Fri, Aug 11, 2017 at 8:58 PM, intrigeri <intrigeri+libv...@boum.org>
wrote:
> Hi,
>
> Christian Ehrhardt:
>
s now get
that permission, but no other rules are changed, example:
- "/var/lib/uvtool/libvirt/images/kvmguest-artful-normal-a2.qcow" rw,
+ "/var/lib/uvtool/libvirt/images/kvmguest-artful-normal-a2.qcow" rwk
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonic
On Thu, Aug 10, 2017 at 11:19 AM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
> Testing qemu-2.10-rc2 shows issues like:
> qemu-system-x86_64: -drive file=/var/lib/uvtool/libvirt/images/kvmguest-
> \
> artful-normal.qcow,format=qcow2,if=none,id=drive-virtio
We had the same rule for some time, it just is ordered later in our
submission stack and not yet pushed by me or Stefan for review.
But since we have the same rules for quite some time working fine I'm
clearly acking that.
Thanks intrigeri!
Acked-by: Christian Ehrhardt <christian.eh
s you won't need
all three, but I happily give them all to you :-)
Thanks a lot Peter!
Acked-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
Reported-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
Tested-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
On Mon, Jul 17, 2017 at 8:40 PM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
>
>
> On Mon, Jul 17, 2017 at 8:17 PM, Christian Ehrhardt <
> christian.ehrha...@canonical.com> wrote:
>>
>> So it is the parsing of the XML into objects I have to
On Mon, Jul 17, 2017 at 8:17 PM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
>
> So it is the parsing of the XML into objects I have to track down.
> Maybe it is even some Ubuntu Delta that no more correctly matches.
> Will run on build from upstream master a
On said example:
Libvirt 2.5:
Breakpoint 1, 0x3fffb7c77ba8 in virDomainDiskDefForeachPath
(disk=0x200ab490, ignoreOpenFailure=true, iter=0x20011dc0 ,
opaque=0x3fffef70) at ../../../src/conf/domain_conf.c:24851
$1 = (virStorageSourcePtr) 0x200ab630
(gdb) p disk->src->path
$2 = 0x200a9ff0
Hi,
I was mislead by my former assumption on the lifecycle.
As virt-aa-helper gets his xml passed into stdin.
I captured that and found that in both cases it had the same content.
Below steps to reproduce based on that:
Test -Xml:
kvmguest-artful-normal-a2
, add that as
the default attribute just as it was added in the past.
Example of the verification error:
$ virt-xml-validate mytest.xml
Relax-NG validity error : Extra element devices in interleave
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
src
On Sat, Jul 15, 2017 at 12:27 AM, Jim Fehlig <jfeh...@suse.com> wrote:
> On 07/11/2017 08:15 AM, Christian Ehrhardt wrote:
>
>>
>> What happens is that before the changes this auto-added a driver section
>> like:
>>
>> But now it does only add
>&
ng store info added.
But as outlined above, at the point virt-aa-helper runs now the necessary
backingStore data seems to be missing.
I couldn't find the related change or a way to fix it so far, so any hints
are welcome.
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list
Not sure how stupid it might be so clearly just a very humble RFC, but the
following seems to work for me:
Therefore no nicely polished patch, but just inline diff
--- a/src/libxl/libxl_domain.c
+++ b/src/libxl/libxl_domain.c
@@ -367,8 +367,9 @@
int actual_type =
ou if you could take a look into this?
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
> +VIR_STRDUP(cfg->firmwares[2]->nvram,
> VIR_QEMU_OVMF_SEC_NVRAM_PATH) < 0 ||
> +VIR_STRDUP(cfg->firmwares[3]->name,
> VIR_QEMU_AAVMF32_LOADER_PATH) < 0 ||
> +VIR_STRDUP(cfg->firmwares[3]->nvram,
> VIR_QEMU_AAVMF32_NVRAM_PATH) < 0)
> goto error;
> #endif
>
> --
> 2.11.0
>
> --
> libvir-list mailing list
> libvir-list@redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
anularily via virt-aa-helper - but otherwise
please let me know - I'll then add it to a bunch of issues of the category
"needs to be done in virt-aa-helper" which I already track.
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
On Fri, Jun 2, 2017 at 12:57 PM, Guido Günther wrote:
> Shouldn't this only be added when ceph is in use?
> Cheers,
> -- Guido
>
Yeah it is part of a category of rules where in a perfect world we would
wirte virt-aa-helper code for each of them.
In this particular case I
d
explaiantions.
See especially [1] for some reasoning for 'R' in general.
[1]:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=c726af2d5a2248f0dad01201b2fc5231fbd4c20f
[2]:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=cedd2ab28262db62976b351dbf2a0f8d9f88ca9e
--
Christian Ehrhardt
Software E
On Fri, May 19, 2017 at 9:55 AM, Guido Günther wrote:
> LGTM but I don't know much about PPC64, it's SLOF and where the device
> tree should be located.
>
Hi those paths for SLOF are the default one for Debian/Ubuntu at least.
$ dpkg -L qemu-slof
/.
/usr
/usr/share
thank you a lot!
Since we are about to submit a bigger pile of apparmor changes that hint
might certainly be handy the next days/weeks.
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
From: Serge Hallyn <serge.hal...@ubuntu.com>
There should be no need to make dir based pools world/group readable.
So use 0711, not 0755, as the default perms for storage dirs.
Updates in v2:
- adapt commit wording to mention dropping group readable as well
Signed-off-by: Christian Eh
or now I'm just rewording in regard to
this and resubmit to the thread.
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
PM spec - thanks Daniel to point this out.
It is 711 on Ubuntu as well for quite some time now.
Both together make this even less likely to have hidden drawbacks.
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Hi,
while cleaning out patchs that we held for a while on top of libvirt
I found this patch of Serge (thanks!) which I think would make just as
much sense in the upstream project itself.
Or in case the discussion might unveil why it might not make sense,
that would also be a win for us to adapt.
From: Serge Hallyn <serge.hal...@ubuntu.com>
There should be no need to make dir based pools world readable.
So use 0711, not 0755, as the default perms for storage dirs.
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
docs/formatstorage.html.in | 2 +-
On Thu, Mar 9, 2017 at 10:54 AM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
> In those cases do not report an
> internal error like:
> "internal error: End of file from qemu monitor"
>
There is some extra background on the issue that shall be f
If a shutdown is expected because it was triggered via libvirt we can
also expect the monitor to close. In those cases do not report an
internal error like:
"internal error: End of file from qemu monitor"
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com&g
F
virsh define /tmp/smoke-lxc.xml
virsh start sl
virsh list --all
# is running now
/etc/init.d/libvirtd restart
virsh list --all
# is no more running, but it should
Way more background and detail can be found at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848317
--
Christian Ehrhardt
Softwa
Ha intrigeri beat me by 3 minutes with feedback :-)
Tested it as well over lunch time, working for me too now:
That said:
Acked-by Christian Ehrhardt <christian.ehrha...@canonical.com>
On Mon, Dec 19, 2016 at 2:35 PM, intrigeri <intrigeri+libv...@boum.org>
wrote:
> Hi,
&g
Acked-by: Christian Ehrhardt <christian.ehrha...@canonical.co>
That (just FYI) is also equivalent to
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1615550
On Mon, Dec 12, 2016 at 11:59 AM, intrigeri <intrigeri+libv...@boum.org>
wrote:
> https://bugzilla.redhat.com/
idea who to cc.
Given that you come from a Debian point of view if I read mails correctly
you might want to add "Guido Günther <a...@sigxcpu.org>" for example.
Other than that it is down to waiting and sometimes pinging for response.
Also for both patches here my Acked-by: Chris
nux/man-pages/man5/proc.5.html
Quoting from there: "... A thread may modify *its* comm value, or that of
any of other thread *in the same thread group* ..."
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
explicit TID instead of a
pattern.
I'm convinced you confirmed your fix working, but I wonder if might want to
consider the "owner" part we had.
CCing a few people who were involved on the old patch.
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list ma
ewed discussion.
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
lid apparmor profile
Updates:
v2
- simplified and clarified commit message
- make the flag skip all secabel parsing
- shorten the new flag name
fixes: dfbc9a83 ("apparmor: QEMU monitor socket moved")
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
src/c
On Mon, Nov 21, 2016 at 9:03 AM, Guido Günther wrote:
> This should be shortened and clarified (see the other part of the
> thread). IMHO the root cause is that we parse the active domain XML but
> the live part of the seclabel is not filled in yet.
>
Ok, reasonable to keep
tions are changed to return the original
non-fully compliant with RFC4514 string format, while the new
ones return the compliant string by default. This allows applications
which relied on the previous format to continue functioning without
changes.
--
Christian Ehrhardt
Software Engine
version dependent definition of the wildcard strings
used by the tests (older gnutls versions require the old order).
Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com>
---
tests/virnettlssessiontest.c | 28
1 file changed, 28 insertions(+)
diff
- if anyone want to reproduce - can be found on
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1641615
But the primary purpose of the cover letter is a call to everybody to think if
that change could imply the need for more changes in libvirt than just to make
the tests work again.
Christian
Sorry, I seem to become a pest more than I'd like to, but my timer on this
thread expired again :-)
Was the feedback I gave to the questions last week ok to understand the
case and maybe reproduce to achieve a ack or do we need to discuss more?
--
libvir-list mailing list
libvir-list@redhat.com
On Thu, Nov 3, 2016 at 6:15 PM, Guido Günther <a...@sigxcpu.org> wrote:
Thanks for your feedback Guido!
On Mon, Oct 31, 2016 at 11:32:44AM +0100, Christian Ehrhardt wrote:
> > When parsing labels virt-aa-helper does no more pass
> > VIR_DOMAIN_DEF_PARSE_INACTIVE due to d
Sorry to bother, but "ping" for the list and adding some more people to CC
- for review or comments on this.
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Mon, Oct 31, 2016 at 11:32 AM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
> But that turned out to break non apparmor seclabels as well as apparmor
> seclabels in xmls without labels.
>
FYI - For a bit extra info on the case, debugging it and in general
stcase with virt-aa-helper on xml file:
virt-aa-helper -d -r -p 0 -u libvirt- < your-guest.xml
virt-aa-helper: error: could not parse XML
virt-aa-helper: error: could not get VM definition
(That should have printed a valid apparmor profile)
Signed-off-by: Christian Ehrhardt <christian.ehrha
Hollis Blanchard wrote:
On Wed, 2007-07-11 at 15:48 +0200, Christian Ehrhardt wrote:
thanks a lot ! Does this fix all the libvirt proper platform issues
(i.e. independantly of possible xen specific ones) ?
Yes it fixes them as far as they are currently known to me.
As I wrote
- used size for the
padding and I like that kind of readability.
--
Grüsse / regards,
Christian Ehrhardt
IBM Linux Technology Center, Open Virtualization
+49 7031/16-3385
[EMAIL PROTECTED]
[EMAIL PROTECTED]
IBM Deutschland Entwicklung GmbH
Vorsitzender des Aufsichtsrats: Johann Weihen
Daniel Veillard wrote:
On Wed, Jul 11, 2007 at 02:11:38PM +0200, Christian Ehrhardt wrote:
[...]
yes the only potential problem would be with other architectures where
__BIG_ENDIAN__ is defined and where the relative size of pointers and long
would be different.
We can change
,
there are related tracebacks in xend.log
*change number of cpu's
*create virtual network
--
Grüsse / regards,
Christian Ehrhardt
IBM Linux Technology Center, Open Virtualization
+49 7031/16-3385
[EMAIL PROTECTED]
[EMAIL PROTECTED]
IBM Deutschland Entwicklung GmbH
Vorsitzender des Aufsichtsrats
as the the valid 0x.
P.S. Thanks Hollis for the simple example code
--
Grüsse / regards,
Christian Ehrhardt
IBM Linux Technology Center, Open Virtualization
+49 7031/16-3385
[EMAIL PROTECTED]
[EMAIL PROTECTED]
IBM Deutschland Entwicklung GmbH
Vorsitzender des Aufsichtsrats: Johann
401 - 482 of 482 matches
Mail list logo