** Description changed: On Ubuntu 14.04, while trying to run a VM using Xen + Libvirt I am not able to boot it, because apparmor prevents libivrt from running pygrub: - type=1400 audit(1401803854.411:30): apparmor="DENIED" + type=1400 audit(1401803854.411:30): apparmor="DENIED" operation="exec" profile="/usr/sbin/libvirtd" name="/usr/lib/xen-4.4/bin/pygrub" pid=7237 comm="libvirtd" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 Setting libvirtd to complain only workarounds the issue. The installed versions are: - ii apparmor 2.8.95~2430-0ubuntu5 amd64 User-space parser utility for AppArmor - ii libvirt-bin 1.2.2-0ubuntu13.1 amd64 programs for the libvirt libr + ii apparmor 2.8.95~2430-0ubuntu5 amd64 User-space parser utility for AppArmor + ii libvirt-bin 1.2.2-0ubuntu13.1 amd64 programs for the libvirt libr + + SRU Justification (for Trusty): + + Impact: Apparmor prevents execution of pygrub from libvirtd / libxl. + This prevents Xen PV guests being launched through libvirt. + + Fix: Simple addition to the apparmor rules to allow execution of pygrub. + + Testcase: Trying to launch a PV guest from libvirt (definition has + bootloader set to pygrub and is of type linux) will fail. It succeeds + with the change.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1326003 Title: apparmor prevents libvirt from running pygrub To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1326003/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
