** Description changed: + SRU Justification: + + Impact: cannot use local SDL graphics + + Fix: add 3 sysvipc functions to the seccomp whitelist. + Steps to reproduce: 1) Set "seccomp_sandbox = 1" in /etc/libvirt/qemu.conf 2) stop libvirt-bin; start libvirt-bin 3) Define a VM using SDL graphic. Example XML extract: - <graphics type='sdl' display=':0' xauth='/home/simon/.Xauthority'/> - <video> - <model type='vmvga' vram='9216' heads='1'/> - </video> + <graphics type='sdl' display=':0' xauth='/home/simon/.Xauthority'/> + <video> + <model type='vmvga' vram='9216' heads='1'/> + </video> 4) xhost +SI:localgroup:kvm 5) Start the VM Expected behavior: should display a usable SDL window Problematic behavior: displays an empty SDL window Workaround: don't use QEMU's seccomp_sandbox ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: libvirt-bin 1.2.2-0ubuntu13.1.15 ProcVersionSignature: Ubuntu 3.13.0-73.116-generic 3.13.11-ckt30 Uname: Linux 3.13.0-73-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.19 Architecture: amd64 CurrentDesktop: Unity Date: Fri Dec 11 20:39:00 2015 InstallationDate: Installed on 2014-01-26 (684 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124) KernLog: - + SourcePackage: libvirt UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1525457 Title: QEMU seccomp_sandbox prevents local SDL graphic from working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1525457/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
