This is the failing function 221 /* returns -1 on error or profile for libvirtd is unconfined, 0 if complain 222 * mode and 1 if enforcing. This is required because at present you cannot 223 * aa_change_profile() from a process that is unconfined. 224 */ 225 static int 226 use_apparmor(void) 227 { 228 int rc = -1; 229 char *libvirt_daemon = NULL; 230 231 if (virFileResolveLink("/proc/self/exe", &libvirt_daemon) < 0) { 232 virReportError(VIR_ERR_INTERNAL_ERROR, 233 "%s", _("could not find libvirtd")); 234 return rc; 235 } 236 237 /* If libvirt_lxc is calling us, then consider apparmor is used 238 * and enforced. */ 239 if (strstr(libvirt_daemon, "libvirt_lxc")) 240 return 1; 241 242 if (access(APPARMOR_PROFILES_PATH, R_OK) != 0) 243 goto cleanup; 244 245 /* First check profile status using full binary path. If that fails 246 * check using profile name. 247 */ 248 rc = profile_status(libvirt_daemon, 1); 249 if (rc < 0) { 250 rc = profile_status("libvirtd", 1); 251 /* Error or unconfined should all result in -1 */ 252 if (rc < 0) 253 rc = -1; 254 } 255 256 cleanup: 257 VIR_FREE(libvirt_daemon); 258 return rc; 259 }
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1895967 Title: 3.0.0~beta1-0ubuntu1 in Groovy breaks Libvirt/Qemu/KVM To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1895967/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs