© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
From the description of Dominque this seemed a common case, so I tried with just qcow files and got it confirmed.
# Create basic guest (already has two disks)
uvt-simplestrea
uvt-kvm create --password ubuntu eoan arch=amd64 release=eoan label=daily
# Add further disks for the test:
sudo qemu-img create -f qcow2 /var/lib/
sudo qemu-img create -f qcow2 /var/lib/
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/
<target dev='vdc' bus='virtio'/>
</disk>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/
<target dev='vdd' bus='virtio'/>
</disk>
The guest now looks like:
$ virsh domblklist eoan --details
Type Device Target Source
-------
file disk vda /var/lib/
file disk vdb /var/lib/
file disk vdc /var/lib/
file disk vdd /var/lib/
Snapshot of single disk works:
$ virsh snapshot-create-as --domain eoan --disk-only --atomic --diskspec vda,snapshot=no --diskspec vdb,snapshot=no --diskspec vdc,file=
The apparmor profile got the snapshot added as expected:
cat /etc/apparmor.
...
"/var/
Snapshot of multiple disks fails:
virsh snapshot-create-as --domain eoan --disk-only --atomic --diskspec vda,snapshot=no --diskspec vdb,snapshot=no --diskspec vdc,file=
error: internal error: unable to execute QEMU command 'transaction': Could not create file: Permission denied
None of the two paths got added to the apparmor profile.
Alongside that we see the expected apparmor denials.
apparmor="DENIED" operation="open" profile=
This proves the report.
I'll be out for a while after today, but I agree that we need to sort out what is missing in this case.
In the single snapshot case I've seen virt-aa-helper called to add a line, needs debugging where this fails with more than one snapshot target.
Until then one might as workaround try to snapshot each of the disks one by one (therefore only medium).