[Bug 1610368] Re: qemu-system-x86_64 read acces DENIED in apparmor

2017-08-08 Thread ChristianEhrhardt
*** This bug is a duplicate of bug 1552241 *** https://bugs.launchpad.net/bugs/1552241 Hi, getting to my attention now due to the drop of upstream qemu. This is actually a dup of bug 1552241 TL;DR: - yes it is an issue - the /run/udev/data/* blanket is considered "too open" - a correct fix

[Bug 1610368] Re: qemu-system-x86_64 read acces DENIED in apparmor

2017-07-27 Thread Thomas Huth
** No longer affects: qemu -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1610368 Title: qemu-system-x86_64 read acces DENIED in apparmor To manage notifications about this bug go to:

[Bug 1610368] Re: qemu-system-x86_64 read acces DENIED in apparmor

2017-07-21 Thread PascalC
** Also affects: qemu Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1610368 Title: qemu-system-x86_64 read acces DENIED in apparmor To manage

[Bug 1610368] Re: qemu-system-x86_64 read acces DENIED in apparmor

2016-08-05 Thread Serge Hallyn
Looking at the contents of those files, I think giving libvirt vms read access by default to all of them should be safe. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1610368 Title:

[Bug 1610368] Re: qemu-system-x86_64 read acces DENIED in apparmor

2016-08-05 Thread PascalC
apparmor profile $ cat /etc/apparmor.d/libvirt/libvirt-d694857f-577a-45d4-81d2-4f3672ae7bd4 # # This profile is for the domain whose UUID matches this file. # #include profile libvirt-d694857f-577a-45d4-81d2-4f3672ae7bd4 { #include #include } -- You received this bug notification

[Bug 1610368] Re: qemu-system-x86_64 read acces DENIED in apparmor

2016-08-05 Thread PascalC
$ cat /etc/apparmor.d/libvirt/libvirt-d694857f-577a-45d4-81d2-4f3672ae7bd4.files # DO NOT EDIT THIS FILE DIRECTLY. IT IS MANAGED BY LIBVIRT. "/var/log/libvirt/**/win8.1.log" w, "/var/lib/libvirt/qemu/domain-win8.1/monitor.sock" rw, "/var/run/libvirt/**/win8.1.pid" rwk,