Hi,
thanks for your answer. Here the files (id of instance has changed
because of reproduction).
/etc/apparmor.d/libvirt/libvirt-88917d0e-c873-4a73-9ec1-a458d64a1df9 :
#
# This profile is for the domain whose UUID matches this file.
#
#include <tunables/global>
profile libvirt-88917d0e-c873-4a73-9ec1-a458d64a1df9 {
#include <abstractions/libvirt-qemu>
#include <libvirt/libvirt-88917d0e-c873-4a73-9ec1-a458d64a1df9.files>
}
/etc/apparmor.d/libvirt/libvirt-
88917d0e-c873-4a73-9ec1-a458d64a1df9.files :
# DO NOT EDIT THIS FILE DIRECTLY. IT IS MANAGED BY LIBVIRT.
"/var/log/libvirt/**/instance-00000014.log" w,
"/var/lib/libvirt/qemu/domain-instance-00000014/monitor.sock" rw,
"/var/lib/libvirt/qemu/domain-1-instance-00000014/*" rw,
"/var/lib/libvirt/qemu/channel/target/domain-1-instance-00000014/*" rw,
"/var/run/libvirt/**/instance-00000014.pid" rwk,
"/run/libvirt/**/instance-00000014.pid" rwk,
"/var/run/libvirt/**/*.tunnelmigrate.dest.instance-00000014" rw,
"/run/libvirt/**/*.tunnelmigrate.dest.instance-00000014" rw,
"/var/lib/nova/instances/88917d0e-c873-4a73-9ec1-a458d64a1df9/disk" rwk,
"/var/lib/nova/instances/_base/a384e02b9e9b6097573a68b9e7ade76432f819a0" rk,
/dev/vhost-net rw,
"/dev/net/tun" rwk,
The instance is deleted at virsh after failure, so the dumpxml has also
an different id, but the same failure.
** Attachment added: "output of virsh dumpxml"
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1762769/+attachment/5123786/+files/virsh.out
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1762769
Title:
missing entry at apparmor profile for nova instances
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1762769/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
