libvirt already has the ability to inject AppArmor rules into the
profile that it generates for a domain when you set/modify the path to a
disk image. You can test this manually by running `virsh edit DOMAIN`,
adjusting one of the paths in the xml, and then looking at the
corresponding change in /etc/apparmor.d/libvirt/libvirt-*.files.
I'm confused about why this isn't working for you. Maybe you're going
through libvirt to set/update the paths to your images?
Can you post a sample XML file and the AppArmor denials that you're
seeing when using the XML file?
** Changed in: libvirt (Ubuntu)
Status: Triaged => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1644507
Title:
virt-aa-helper denied access to qcow2 backing file running nova in a
snap
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1644507/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
