[Expired for libvirt (Ubuntu) because there has been no activity for 60
days.]
** Changed in: libvirt (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hi,
I put you unwillingly into cross-issues (
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1384532 ), but
that maybe enlighten useful behaviors of apparmarmor and libvirt.
Root causes for this ticket and the other one reopening were my
mistakes, not bugs.
Thanks again for your inputs:
Hi Pascal,
thanks for finding all the references - interesting read.
There is a long story short to this - the default apparmor profile tries
to allow you things that are safe and common. If you want to allow it
more, you'd have to extend the profile e.g. the abstraction in
Maybe not a false-positive:
https://www.reddit.com/r/VFIO/comments/8o13i4/cant_start_vm_with_lookingglass_shared_memory/e1kp9s2
In there, people installed kind of an add-on to libvirt. This add-on
requires a file in the '/dev/shm' shared-memory.
With a properly running AppArmor, that new file
In fact, I got that '/dev/shm/foo' file denied too, on localhost, as
soon as I fixed the AppArmor daemon through your advices. When I filled
the bug initially, that file was living flawlessly.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Hi Christian,
Also thanks for input, and sorry for wasting your time: it's probably a
false-positive issue, to reject.
I went too quick and proceeded before reading the 2 troubleshooting commands
you advised. But well, I think I did the same in a less precise manner:
--
$ sudo ls -lah
FYI - the snipped doing that can be found in
/var/lib/dpkg/info/libvirt-daemon-system.postinst
if [ "$1" = "configure" ]; then
APP_PROFILE="/etc/apparmor.d/usr.lib.libvirt.virt-aa-helper"
if [ -f "$APP_PROFILE" ]; then
# Add the local/ include
Hi Pascal,
I thought I have seen that working several times and reran the case to be sure.
root@b:~# dpkg -l libvirt-daemon-system
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err:
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1786677
Title:
[bionic] [libvirt-daemon-system] Missing AppArmor configuration
