Verified in Proposed, here the full log: root@artful-qatests:~# qemu-img create /var/lib/libvirt/A.img 1M Formatting '/var/lib/libvirt/A.img', fmt=raw size=1048576 root@artful-qatests:~# cat <<EOF > testguest.xml > <domain type='kvm'> > <name>testguest</name> > <uuid>deadbeef-dead-beef-dead-beefdeadbeef</uuid> > <memory unit='KiB'>1024</memory> > <vcpu placement='static'>1</vcpu> > <os> > <type arch='x86_64' machine='pc-i440fx-zesty'>hvm</type> > <boot dev='hd'/> > </os> > <features> > <acpi/> > <apic/> > <pae/> > </features> > <devices> > <emulator>/usr/bin/kvm-spice</emulator> > <disk type='file' device='disk'> > <driver name='qemu'/> > <source file='/var/lib/libvirt/A.img'/> > <target dev='vda'/> > </disk> > </devices> > <seclabel type='dynamic' model='apparmor' relabel='yes'/> > </domain> > EOF root@artful-qatests:~# virsh define testguest.xml Domain testguest defined from testguest.xml
root@artful-qatests:~# virsh start testguest Domain testguest started root@artful-qatests:~# qemu-img create /var/lib/libvirt/F.img 1M Formatting '/var/lib/libvirt/F.img', fmt=raw size=1048576 root@artful-qatests:~# cat <<EOF >diskF.xml > <disk type='file'> > <driver name='qemu'/> > <source file='/var/lib/libvirt/F.img'/> > <target dev='sdc'/> > </disk> > EOF root@artful-qatests:~# virsh attach-device testguest diskF.xml error: Failed to attach device from diskF.xml error: internal error: unable to execute QEMU command 'device_add': Property 'scsi-hd.drive' can't find value 'drive-scsi0-0-2' root@artful-qatests:~# dmesg | tail -n 4 [152072.603398] audit: type=1400 audit(1508919165.522:639): apparmor="DENIED" operation="file_lock" profile="libvirt-deadbeef-dead-beef-dead-beefdeadbeef" name="/var/lib/libvirt/F.img" pid=17985 comm="qemu-system-x86" requested_mask="k" denied_mask="k" fsuid=64055 ouid=64055 [152072.603400] audit: type=1400 audit(1508919165.523:640): apparmor="DENIED" operation="file_lock" profile="libvirt-deadbeef-dead-beef-dead-beefdeadbeef" name="/var/lib/libvirt/F.img" pid=17985 comm="qemu-system-x86" requested_mask="k" denied_mask="k" fsuid=64055 ouid=64055 [152072.603402] audit: type=1400 audit(1508919165.523:641): apparmor="DENIED" operation="file_lock" profile="libvirt-deadbeef-dead-beef-dead-beefdeadbeef" name="/var/lib/libvirt/F.img" pid=17985 comm="qemu-system-x86" requested_mask="k" denied_mask="k" fsuid=64055 ouid=64055 [152072.739782] audit: type=1400 audit(1508919165.659:642): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="libvirt-deadbeef-dead-beef-dead-beefdeadbeef" pid=18063 comm="apparmor_parser" # Now changing to the version in proposed root@artful-qatests:~# # enable proposed root@artful-qatests:~# vim /etc/apt/sources.list root@artful-qatests:~# apt update Hit:1 http://archive.ubuntu.com/ubuntu artful InRelease Ign:2 http://ddebs.ubuntu.com artful InRelease Get:3 http://archive.ubuntu.com/ubuntu artful-updates InRelease [76.7 kB] Ign:4 http://ddebs.ubuntu.com artful-updates InRelease Ign:5 http://ddebs.ubuntu.com artful-proposed InRelease Hit:6 http://ddebs.ubuntu.com artful Release Hit:7 http://archive.ubuntu.com/ubuntu artful-backports InRelease Hit:8 http://ddebs.ubuntu.com artful-updates Release Get:9 http://archive.ubuntu.com/ubuntu artful-proposed InRelease [235 kB] Hit:10 http://security.ubuntu.com/ubuntu artful-security InRelease Hit:12 http://ddebs.ubuntu.com artful-proposed Release Get:14 http://archive.ubuntu.com/ubuntu artful-proposed/main Sources [13.6 kB] Get:15 http://archive.ubuntu.com/ubuntu artful-proposed/universe Sources [50.6 kB] Get:17 http://archive.ubuntu.com/ubuntu artful-proposed/multiverse Sources [3832 B] Get:18 http://archive.ubuntu.com/ubuntu artful-proposed/main amd64 Packages [38.7 kB] Get:19 http://archive.ubuntu.com/ubuntu artful-proposed/main Translation-en [16.3 kB] Get:20 http://archive.ubuntu.com/ubuntu artful-proposed/universe amd64 Packages [40.1 kB] Get:21 http://archive.ubuntu.com/ubuntu artful-proposed/universe Translation-en [25.2 kB] Get:22 http://archive.ubuntu.com/ubuntu artful-proposed/multiverse amd64 Packages [2896 B] Get:23 http://archive.ubuntu.com/ubuntu artful-proposed/multiverse Translation-en [1196 B] Fetched 504 kB in 0s (553 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done 23 packages can be upgraded. Run 'apt list --upgradable' to see them. root@artful-qatests:~# apt install libvirt-daemon-system Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: libvirt-clients libvirt-daemon libvirt0 Suggested packages: numad radvd auditd systemtap nfs-common zfsutils pm-utils The following packages will be upgraded: libvirt-clients libvirt-daemon libvirt-daemon-system libvirt0 4 upgraded, 0 newly installed, 0 to remove and 15 not upgraded. Need to get 4058 kB of archives. After this operation, 0 B of additional disk space will be used. Do you want to continue? [Y/n] Y Get:1 http://archive.ubuntu.com/ubuntu artful-proposed/main amd64 libvirt-daemon-system amd64 3.6.0-1ubuntu6 [78.5 kB] Get:2 http://archive.ubuntu.com/ubuntu artful-proposed/main amd64 libvirt-clients amd64 3.6.0-1ubuntu6 [587 kB] Get:3 http://archive.ubuntu.com/ubuntu artful-proposed/main amd64 libvirt-daemon amd64 3.6.0-1ubuntu6 [2149 kB] Get:4 http://archive.ubuntu.com/ubuntu artful-proposed/main amd64 libvirt0 amd64 3.6.0-1ubuntu6 [1243 kB] Fetched 4058 kB in 2s (1838 kB/s) Preconfiguring packages ... (Reading database ... 89501 files and directories currently installed.) Preparing to unpack .../libvirt-daemon-system_3.6.0-1ubuntu6_amd64.deb ... Unpacking libvirt-daemon-system (3.6.0-1ubuntu6) over (3.6.0-1ubuntu5) ... Preparing to unpack .../libvirt-clients_3.6.0-1ubuntu6_amd64.deb ... Unpacking libvirt-clients (3.6.0-1ubuntu6) over (3.6.0-1ubuntu5) ... Preparing to unpack .../libvirt-daemon_3.6.0-1ubuntu6_amd64.deb ... Unpacking libvirt-daemon (3.6.0-1ubuntu6) over (3.6.0-1ubuntu5) ... Preparing to unpack .../libvirt0_3.6.0-1ubuntu6_amd64.deb ... Unpacking libvirt0:amd64 (3.6.0-1ubuntu6) over (3.6.0-1ubuntu5) ... Processing triggers for ureadahead (0.100.0-20) ... Setting up libvirt0:amd64 (3.6.0-1ubuntu6) ... Setting up libvirt-daemon (3.6.0-1ubuntu6) ... Processing triggers for libc-bin (2.26-0ubuntu2) ... Processing triggers for systemd (234-2ubuntu12) ... Processing triggers for man-db (2.7.6.1-2) ... Setting up libvirt-clients (3.6.0-1ubuntu6) ... Setting up libvirt-daemon-system (3.6.0-1ubuntu6) ... Installing new version of config file /etc/apparmor.d/abstractions/libvirt-qemu ... virtlockd.service is a disabled or a static unit, not starting it. Setting up libvirt-daemon dnsmasq configuration. root@artful-qatests:~# virsh attach-device testguest diskF.xml Device attached successfully root@artful-qatests:~# virsh detach-device testguest diskF.xml Device detached successfully root@artful-qatests:~# virsh attach-device testguest diskF.xml Device attached successfully root@artful-qatests:~# virsh detach-device testguest diskF.xml Device detached successfully root@artful-qatests:~# # working fine, even repeated - verified ** Tags removed: verification-needed verification-needed-artful ** Tags added: verification-done verification-done-artful -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1726804 Title: rules for images on attach-device not containing lock permission To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1726804/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
