Hi Christian, yes I've still got it on my backlog. This likely should be two separate (but related) bugs, both here and upstream. I've been through a pair of patch submissions [1][2]; the second only covers the macvtap case - I'm currently waiting on upstream review for that patch.
As discussed in [1], the blockcommit issue is a bit stickier because there's no straightforward way (that I've yet found) to get access to libvirt's view of the ongoing block jobs from within the apparmor security driver. I need to look more closely at this. In the meantime I'll attach the workaround we've been using. [1] https://lists.libvirt.org/archives/list/[email protected]/thread/UNNBQCMTOCLILQFBDG75734OCQZIXWQF/ [2] https://lists.libvirt.org/archives/list/[email protected]/thread/IPEBLU63JTLWMHZZDEP3KQ6AMVC53VKR/ ** Patch added: "lp2126574-virt-aa-helper-Disable-readonly-disk-rules.patch" https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/2126574/+attachment/5945188/+files/lp2126574-virt-aa-helper-Disable-readonly-disk-rules.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2126574 Title: Fix AppArmor policy restore for runtime rules (upstream #692) To manage notifications about this bug go to: https://bugs.launchpad.net/libvirt/+bug/2126574/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
