Public bug reported:
---Problem Description---
VM fails to start with dac security driver added
---uname output---
Linux ltc-test-ci1 4.4.0-9136-generic #55-Ubuntu SMP Fri Aug 26 05:56:24 UTC
2016 ppc64le ppc64le ppc64le GNU/Linux
Machine Type = power 8 ppc64le
---Steps to Reproduce---
VM fails to start with dac security driver added
1. Define a VM with both apparmor and dac security driver( Used XML as below)
#virsh dumpxml virt-tests-vm1
<domain type='kvm'>
<name>virt-tests-vm1</name>
<uuid>0491f0cd-eb14-4992-be4c-53a1adf1d314</uuid>
<memory unit='KiB'>33554432</memory>
<currentMemory unit='KiB'>33554432</currentMemory>
<vcpu placement='static'>32</vcpu>
<resource>
<partition>/machine</partition>
</resource>
<os>
<type arch='ppc64le' machine='pseries-2.6'>hvm</type>
<boot dev='hd'/>
</os>
<cpu>
<topology sockets='1' cores='32' threads='1'/>
</cpu>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
<emulator>/usr/bin/kvm</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source
file='/var/lib/libvirt/images/sath/avocado-fvt-wrapper/data/avocado-vt/images/ubuntu-16.10-ppc64le.qcow2'/>
<target dev='sda' bus='scsi'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<controller type='usb' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02'
function='0x0'/>
</controller>
<controller type='pci' index='0' model='pci-root'/>
<controller type='scsi' index='0'>
<address type='spapr-vio' reg='0x2000'/>
</controller>
<interface type='bridge'>
<mac address='52:54:00:e2:e3:e4'/>
<source bridge='virbr0'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01'
function='0x0'/>
</interface>
<serial type='pty'>
<target port='0'/>
<address type='spapr-vio' reg='0x30000000'/>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
<address type='spapr-vio' reg='0x30000000'/>
</console>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03'
function='0x0'/>
</memballoon>
<panic model='pseries'/>
</devices>
<seclabel type='dynamic' model='apparmor' relabel='yes'/>
<seclabel type='dynamic' model='dac' relabel='yes'/>
</domain>
2. virsh start virt-tests-vm1
#virsh start virt-tests-vm1
error: Failed to start domain virt-tests-vm1
error: internal error: cannot load AppArmor profile
'libvirt-0491f0cd-eb14-4992-be4c-53a1adf1d314'------NOK
3. After removing dac line from xml(<seclabel type='dynamic' model='dac'
relabel='yes'/>) VM started fine
#virsh start virt-tests-vm1
Domain virt-tests-vm1 started
Userspace tool common name: ii libvirt-bin
2.1.0-1ubuntu5 ppc64el programs for the libvirt
library
The userspace tool has the following bit modes: both
Userspace package: ii libvirt-bin
2.1.0-1ubuntu5 ppc64el programs for the
libvirt library
** Affects: libvirt (Ubuntu)
Importance: Undecided
Assignee: Taco Screen team (taco-screen-team)
Status: New
** Tags: architecture-ppc64le bugnameltc-145787 severity-critical
targetmilestone-inin1610
** Tags added: architecture-ppc64le bugnameltc-145787 severity-critical
targetmilestone-inin1610
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1633207
Title:
VM fails to start with dac security driver added
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1633207/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
