Some docs on the gereral use case: - http://wiki.libvirt.org/page/Live-disk-backup-with-active-blockcommit - http://wiki.libvirt.org/page/Live-merge-an-entire-disk-image-chain-including-current-active-disk
Steps to reproduce: # create basic guest $ apt install uvtool-libvirt $ uvt-simplestreams-libvirt --verbose sync --source http://cloud-images.ubuntu.com/daily arch=amd64 label=daily release=xenial $ uvt-kvm create --password=ubuntu xenial-testblockcommit release=xenial arch=amd64 label=daily # By default there is (intentionally) not much a qemu process can read/write to # To make external snapshots you have to either: # - define some dir for the guest to snapshot to and add it to its apparmor rules # - create the snapshot upfront qemu-img -c which will generate the rules for the backing chain # But fortunately uvtool already sets things up just the way we need it. # By default the root disk is a snapshot to the base cloud-image # You can check the chain: $ qemu-img info --backing-chain /var/lib/uvtool/libvirt/images/xenial-testblockcommit.qcow # The guest lists the snapshot as it's disk $ virsh domblklist xenial-testblockcommit Target Source ------------------------------------------------ vda /var/lib/uvtool/libvirt/images/xenial-testblockcommit.qcow # in /etc/apparmor.d/libvirt/libvirt-<uuid>.files we can see the related rules # r/w to the current snapshot "/var/lib/uvtool/libvirt/images/xenial-testblockcommit.qcow" rwk # but only r to the base image "/var/lib/uvtool/libvirt/images/x-uvt-b64-Y29tLnVidW50dS5jbG91ZC5kYWlseTpzZXJ2ZXI6MTYuMDQ6YW1kNjQgMjAxNzA5MTk=" rk, $ virsh blockcommit xenial-testblockcommit vda --active --pivot --verbose Block commit: [100 %] Successfully pivoted root@artful-test:~# virsh domblklist xenial-testblockcommit Target Source ------------------------------------------------ vda /var/lib/uvtool/libvirt/images/x-uvt-b64-Y29tLnVidW50dS5jbG91ZC5kYWlseTpzZXJ2ZXI6MTYuMDQ6YW1kNjQgMjAxNzA5MTk= The action added another rule: "/var/lib/uvtool/libvirt/images/x-uvt-b64-Y29tLnVidW50dS5jbG91ZC5kYWlseTpzZXJ2ZXI6MTYuMDQ6YW1kNjQgMjAxNzA5MTk=" rw, Since today we have [1] applied this needs to be unapplied to check if this is still an issue to be fixed or if the actual addition of the second rule is new and fixes the issue completely. Unfortunately something made libvirt an FTBFS that I have to fix first. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1692441 Title: proper code for virt-aa-helper to allow blockcommit rw as needed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1692441/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
