Public bug reported:
We are adding new functionality/tests to Cockpit to integrate VNC/spice
consoles (https://github.com/cockpit-project/cockpit/pull/5932). This
triggers a new AppArmor violation:
[ 12.117988] audit: type=1400 audit(1496848789.154:16):
apparmor="DENIED" operation="open" profile="libvirt-
c99ea6d2-4f29-4cc1-a486-0dc02b85ac16" name="/etc/gss/mech.d/" pid=6507
comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055
ouid=0
I'm not sure what that is being used for, but I suppose this should
either be allowed or explicitly denied to avoid this DENIED alarm bell.
This happens on both 16.04 LTS and 17.04.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: libvirt-bin 1.3.1-1ubuntu10.10
ProcVersionSignature: Ubuntu 4.4.0-79.100-generic 4.4.67
Uname: Linux 4.4.0-79-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.6
Architecture: amd64
Date: Wed Jun 7 11:25:37 2017
SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.libvirt.qemu.networks.default.xml: [modified]
mtime.conffile..etc.libvirt.qemu.networks.default.xml:
2017-06-06T15:17:43.504000
** Affects: libvirt (Ubuntu)
Importance: Undecided
Status: New
** Affects: libvirt (Ubuntu Xenial)
Importance: Undecided
Status: New
** Tags: amd64 apparmor apport-bug xenial
** Also affects: libvirt (Ubuntu Xenial)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1696471
Title:
AppArmor denies access to /etc/gss/mech.d/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1696471/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
