Sometimes there are new methods not directly implemented for Apparmor,
if they are made required this can be an issue as in this case.

E.g. in the case of 
+    .domainSetSecurityInputLabel        = virSecurityApparmorSetInputLabel,
+    .domainRestoreSecurityInputLabel    = virSecurityApparmoRestoreInputLabel,
this was internal so far, but now opened up.

I implemented some of them recently, but the issue reported indicates a few 
more are missing.
I checked which as of today apparmor could grow to be complete again and found:

    virSecurityDomainSetMemoryLabel domainSetSecurityMemoryLabel;               
    virSecurityDomainRestoreMemoryLabel domainRestoreSecurityMemoryLabel;       
    virSecurityDomainSetInputLabel domainSetSecurityInputLabel;                 
    virSecurityDomainRestoreInputLabel domainRestoreSecurityInputLabel;

Both are existing quite a while and never (so far) were crucial.
But some other change made them be a hard requirement.

I'll need to look at the arguments passed to implement and also check a few 
more details.
As it seems atm
mem: nvdimms have a path, provide a rw rule for them
inp: passthrough devs input->source.evdev seems to be a path, provide a rw rule 
for them

** Changed in: libvirt (Ubuntu)
       Status: Confirmed => Triaged

** Changed in: libvirt (Ubuntu)
   Importance: Undecided => High

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  [Ubuntu 18.04] Memory hotplug fails with error

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to