Thank, so that comes down to operation="file_receive" profile="/usr/sbin/libvirtd" pid=8341 comm="qemu-system-x86" family="unix" sock_type="stream" requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="libvirt-50fea9df-e318-490a-aca6-725c8bcb75e3"
operation="file_receive" profile="/usr/sbin/libvirtd" pid=8341 comm ="qemu-system-x86" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="libvirt-50fea9df-e318-490a-aca6-725c8bcb75e3" We have: apparmor/libvirt-qemu unix (send, receive) type=stream addr=none peer=(label=/usr/sbin/libvirtd), That seems to be vice versa to the new virtualization stacks DENIED message. So instead of the old where qemu contacted libvirt, this is libvirt contacting qemu (maybe due to an upstream change). I tried to reproduce your case, but it doesn't trigger for me (yet - i'm going on to try differently). Could you add the following line: unix (send, receive) type=stream addr=none peer=(label=libvirt-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*), to the file: /etc/apparmor.d/local/usr.sbin.libvirtd Then restart libvirtd (systemctl restart libvirtd) and then try again? That should allow the connection in said direction. If the above is not working we could fall back to a simpler pattern like: unix (send, receive) type=stream addr=none peer=(label=libvirt-*), -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1741617 Title: Mouse integration not working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/virt-manager/+bug/1741617/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
