This is the failing function
221 /* returns -1 on error or profile for libvirtd is unconfined, 0 if
complain
222 * mode and 1 if enforcing. This is required because at present you cannot
223 * aa_change_profile() from a process that is unconfined.
224 */
225 static int
226 use_apparmor(void)
227 {
228 int rc = -1;
229 char *libvirt_daemon = NULL;
230
231 if (virFileResolveLink("/proc/self/exe", &libvirt_daemon) < 0) {
232 virReportError(VIR_ERR_INTERNAL_ERROR,
233 "%s", _("could not find libvirtd"));
234 return rc;
235 }
236
237 /* If libvirt_lxc is calling us, then consider apparmor is used
238 * and enforced. */
239 if (strstr(libvirt_daemon, "libvirt_lxc"))
240 return 1;
241
242 if (access(APPARMOR_PROFILES_PATH, R_OK) != 0)
243 goto cleanup;
244
245 /* First check profile status using full binary path. If that fails
246 * check using profile name.
247 */
248 rc = profile_status(libvirt_daemon, 1);
249 if (rc < 0) {
250 rc = profile_status("libvirtd", 1);
251 /* Error or unconfined should all result in -1 */
252 if (rc < 0)
253 rc = -1;
254 }
255
256 cleanup:
257 VIR_FREE(libvirt_daemon);
258 return rc;
259 }-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1895967 Title: 3.0.0~beta1-0ubuntu1 in Groovy breaks Libvirt/Qemu/KVM To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1895967/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
