Hi, I was looking into reproducing this to be able to fix&verify then afterwards. I don't see the messages either with my setup, but I 100% trust Simon to have a correct report.
It all is for name resolution and the profile change is only for read - so it will be safe. We just need to able to reproduce. So I just assume we have to find the bit of config triggering the issue (we will need repro steps for SRU anyway after all). I'd have expected this to be due to libnss-libvirt (https://libvirt.org/nss.html) as it got added in yakkety. It would be the code that matches the denies. But the reports are on Xenial so that can't be it. I usually create my most basic test guests with: uvt-simplestreams-libvirt sync --source http://cloud-images.ubuntu.com/daily arch=amd64 label=daily release=xenial uvt-kvm create --memory 2048 --cpu 4 --password=ubuntu xenial-kernel-test release=xenial arch=amd64 label=daily And as smb reports that doesn't trigger the issue. @Simon could you create a guest with uvt as I shown above and check if that guest is free of the issue for you was well? If yes - we have to compare the guest xml vs your usually used one. If now - we have to check your local libvirt setup for what triggers this, so you might report any diff in libvirt.conf or (less likely) /etc/libvirt/qemu.conf that might be related then ** Changed in: libvirt (Ubuntu Xenial) Assignee: (unassigned) => ChristianEhrhardt (paelzer) ** Changed in: libvirt (Ubuntu) Assignee: (unassigned) => ChristianEhrhardt (paelzer) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1546674 Title: virt-aa-helper Apparmor profile missing rules for name resolution To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1546674/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
