Public bug reported:
Libvirt qemu-kvm guests backed by zvols (ZFS volumes) generate useless
noise due to virt-aa-helper trying to read the backing device in the
host (/dev/zdX). Other host's devs are already denied in virt-aa-
helper's profile:
# for hostdev
/sys/devices/ r,
/sys/devices/** r,
/sys/bus/usb/devices/ r,
/sys/bus/usb/devices/** r,
deny /dev/sd* r,
deny /dev/dm-* r,
deny /dev/mapper/ r,
deny /dev/mapper/* r,
Adding "deny /dev/zd[0-9]* r," would silence Apparmor.
** Affects: libvirt (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1641618
Title:
Apparmor denials caused by virt-aa-helper trying to read zvol devices
(/dev/zdX) should be silenced
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1641618/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
