OK, just a bit more context here.
I was able to start the VM after setting the suid bit on
/usr/libexec/qemu/qemu-bridge-helper. This is something users have been
expected to do for many years on Debian-like systems now, because we
conscientiously ship this helper *without* the suid bit set.
The apparmor deny message I mentioned before:
[ 182.228244] audit: type=1400 audit(1725680469.378:136):
apparmor="DENIED" operation="open" class="file"
profile="libvirtd//qemu_bridge_helper" name="/sys/devices/system/node/"
pid=1292 comm="qemu-bridge-hel" requested_mask="r" denied_mask="r"
fsuid=0 ouid=0
still shows up even after the VM has been successfully started, which
means it's not a critical problem and can be fixed later.
** Changed in: libvirt (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2079806
Title:
qemu-bridge-helper denied by apparmor on oracular
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/2079806/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
