Ubuntu
libvirt package

  1. Bug #1393548
  2. Comment #4

Comment 4 for bug 1393548

Revision history for this message
Adam Gandelman (gandelman-a) wrote :

Confirmed this fixes the issue:

Current version shows the following apparmor errors when spinning up a virtual machine with '-device sga', and the console log does not contain any early boot stuff:

adam@trusty:~$ dpkg -l | grep libvirt
ii libvirt-bin 1.2.2-0ubuntu13.1.8 amd64 programs for the libvirt library
ii libvirt0 1.2.2-0ubuntu13.1.8 amd64 library for interfacing with different virtualization systems
ii python-libvirt 1.2.2-0ubuntu2 amd64 libvirt Python bindings
adam@trusty:~$
adam@trusty:~$ ps aux | grep libvirt | grep sga
libvirt+ 13477 61.8 6.8 1234328 559852 ? Sl 18:30 0:24 /usr/bin/qemu-system-x86_64 -name baremetalbrbm_0 -S -machine pc-1.0,accel=tcg,usb=off -m 512 -realtime mlock=off -smp 1,sockets=1,cores=1,threads=1 -uuid 6a8f6fb0-afc7-4474-8cc8-63b529068a95 -no-user-config -nodefaults -device sga -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/baremetalbrbm_0.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot menu=off,strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive file=/var/lib/libvirt/images/baremetalbrbm_0.qcow2,if=none,id=drive-virtio-disk0,format=qcow2,cache=writeback -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x6,drive=drive-virtio-disk0,id=virtio-disk0 -netdev tap,fd=24,id=hostnet0 -device e1000,netdev=hostnet0,id=net0,mac=52:54:00:ad:8f:fb,bus=pci.0,addr=0x4,bootindex=1 -chardev file,id=charserial0,path=/home/adam/data/ironic/logs//baremetalbrbm_0_console.log -device isa-serial,chardev=charserial0,id=serial0 -chardev pty,id=charserial1 -device isa-serial,chardev=charserial1,id=serial1 -vnc 127.0.0.1:0 -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x7
adam@trusty:~$ dmesg | grep sgab
[ 3356.326341] type=1400 audit(1422498639.571:21): apparmor="DENIED" operation="open" profile="libvirt-6a8f6fb0-afc7-4474-8cc8-63b529068a95" name="/usr/share/misc/sgabios.bin" pid=13477 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=110 ouid=0

Upgrading to 1.2.2-0ubuntu13.1.9, after spawning a machine there DENIED errors dont show up and my console logs contain early boot stuff:

$ sudo head -n 200 /home/adam/data/ironic/logs//baremetalbrbm_0_console.log

Google, Inc.
Serial Graphics Adapter 12/07/13
SGABIOS $Id: sgabios.S 8 2010-04-22 00:03:40Z nlaredo $ (buildd@allspice) Sat Dec 7 23:13:17 UTC 2013
4 0
 eaBIOS (version 1.7.4-20140219_122710-roseapple)
 achine UUID 6a8f6fb0-afc7-4474-8cc8-63b529068a95
M

iPXE (http://ipxe.org) 00:04.0 CA00 PCI2.10 PnP PMM+1FFC2360+1FF22360 CA00

Booting from ROM...
iPXE (PCI 00:04.0) starting execution...ok
iPXE initialising devices...ok

iPXE 1.0.0+git-20131111.c3d1e78-2ubuntu1 -- Open Source Network Boot Firmware --
 http://ipxe.org
Features: HTTP HTTPS iSCSI DNS TFTP AoE bzImage ELF MBOOT PXE PXEXT Menu

net0: 52:54:00:ad:8f:fb using 82540em on PCI00:04.0 (open)
  [Link:up, TX:0 TXE:0 RX:0 RXE:0]
Configuring (net0 52:54:00:ad:8f:fb)...... ok
net0: 10.1.0.6/255.255.255.0 gw 10.1.0.1
Next server: 10.0.0.249
Filename: pxelinux.0
disk......ready.am/data/ironic/tftpboot/e0ca0012-ccf4-46b7-a85d-c88766b0fd99/ram

Thanks, Serge!