Hi Nicolas, yeah that isn't easy to fix and at least I didn't find the time to develop something completely new to cover this yet.
I challenge the statement "Even the default storage pool /var/lib/libvirt/images is not working", it does and it does well. And for things that are under the control of Ubuntu in the Archive even a few alternative paths work (openstack, uvtool, ...). The issue you report is -not- using the default paths, the Deny lists "/mnt/images/ubuntu-admin-qcow2" which clearly is not in one of the common paths. In general for using uncommon paths [1] the solution is that an admin has to declare those paths as allowed in a local apparmor include. So if terraform would usually /a/b/c it should also either recommend the admin to do so or even consider adding it to the files itself. [1]: https://wiki.ubuntu.com/LibvirtApparmor#Using_uncommon_paths ** Changed in: libvirt (Ubuntu Xenial) Status: Confirmed => Won't Fix ** Changed in: libvirt (Ubuntu Zesty) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1677398 Title: Apparmor prevents using storage pools and hostdev networks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1677398/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
