I also tested hacking in conf.script = "/bin/true" to nova. You suspected it might fail with apparmor preventing /bin/true execution, I can confirm that it did indeed fail.
type=AVC msg=audit(1487951915.530:99345): apparmor="DENIED" operation="exec" profile="libvirt-5ea8f14c-73c8-4e21-9f64-28d60c1919c6" name="/bin/true" pid=802296 comm="qemu-system-x86" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 type=PATH msg=audit(1487951915.530:99345): item=0 name="/bin/true" inode=44 dev=08:01 mode=0100755 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1665698 Title: /etc/qemu-ifup not allowed by apparmor To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1665698/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
