Ubuntu
libvirt package

[virtfs] guest fails to access through p9fs because AppArmor denied

Bug #1285995 reported by Hiroshi Miura on 2014-02-28

66

This bug affects 19 people

Affects		Status	Importance	Assigned to	Milestone
	libvirt (Ubuntu)	Fix Released	High	Unassigned

Bug Description

libvirt don't generate AppArmor rule for p9share by qemu-kvm.
This causes audit DENIED to access host files from guest os.

Here is related issue:
https://github.com/adrahon/vagrant-kvm/pull/125

Please find an attachment that is a patch to implement that generate nessesary data by virt-aa-helper.

Tags:

Revision history for this message

Hiroshi Miura (miurahr) wrote on 2014-02-28:

#1

0001-virt-aa-helper-qemu-add-rw-permission-to-p9-shared-f.patch Edit (1.5 KiB, text/plain)

Revision history for this message

Serge Hallyn (serge-hallyn) wrote on 2014-02-28:

#2

Thanks very much for submitting this bug and this patch. I'll get it into 14.04. Please let me know if you need it in other releases.

Changed in libvirt (Ubuntu):
importance:	Undecided → High
status:	New → In Progress

Revision history for this message

Ubuntu Foundations Team Bug Bot (crichton) wrote on 2014-02-28:

#3

The attachment "0001-virt-aa-helper-qemu-add-rw-permission-to-p9-shared-f.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags:

added: patch

Revision history for this message

Serge Hallyn (serge-hallyn) wrote on 2014-02-28:

#4

Hi,

thank you for this patch. Do you intend to send this patch upstream?

Revision history for this message

Serge Hallyn (serge-hallyn) wrote on 2014-02-28:

#5

sorry, please disgregard comment #4. Jdstrand pointed out a version of this patch has already been sent to the mailing list.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-02-28:

#6

This bug was fixed in the package libvirt - 1.2.1-0ubuntu10

---------------
libvirt (1.2.1-0ubuntu10) trusty; urgency=medium

* Pull patch from mailing list (merged with separate patch posted to the
bug) to fix 9p mounts. (LP: #1285995)
-- Serge Hallyn <email address hidden> Fri, 28 Feb 2014 09:34:54 -0600

Changed in libvirt (Ubuntu):
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

0001-virt-aa-helper-qemu-add-rw-permission-to-p9-shared-f.patch Edit

Add patch

Remote bug watches

Bug watches keep track of this bug in other bug trackers.