Comment 8 for bug 1895967
Revision history for this message
| Christian Ehrhardt (paelzer) wrote Re: 3.0.0~beta1-0ubuntu1 in Groovy breaks Libvirt/Qemu/KVM | #8 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Yeah and the comment above this function pointed the right way:
Good case (libvirt is enforced):
oot@testkvm-
apparmor module is loaded.
31 profiles are loaded.
31 profiles are in enforce mode.
/snap/
/snap/
/usr/bin/man
/usr/
/usr/
/usr/
/usr/
/usr/
/{,usr/
libvirtd
libvirtd/
lsb_release
man_filter
man_groff
nvidia_modprobe
nvidia_
snap-
snap.
snap.
snap.lxd.buginfo
snap.
snap.lxd.daemon
snap.
snap.
snap.
snap.lxd.lxc
snap.
snap.lxd.lxd
snap.lxd.migrate
tcpdump
virt-aa-helper
0 profiles are in complain mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
1 processes have profiles defined.
1 processes are in enforce mode.
/usr/
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.
0 processes are in kill mode.
Bad case libvirt (and plenty of other things) are not confined:
# aa-status
apparmor module is loaded.
15 profiles are loaded.
15 profiles are in enforce mode.
/snap/
/snap/
snap-
snap.
snap.
snap.lxd.buginfo
snap.
snap.lxd.daemon
snap.
snap.
snap.
snap.lxd.lxc
snap.
snap.lxd.lxd
snap.lxd.migrate
0 profiles are in complain mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.
0 processes are in kill mode.
As if only snap profiles are loaded.