Comment 59 for bug 1393842

There actually is the common virt-aa-helper on channels even back then in Trusty.
This was changed a few times and the special tweak that generates the rule was dropped later as along the new namespacing there are now valid rules per entry.

Anyway for trusty backporting all those complex changes would be not in the SRU mindset, so stick to the proposal I made above.

Please - at least one of the affected users, test the ppa in [1].
If that is successful for you as well and you are willing to also help me verify the eventual SRU we could go forward with that.

My Testing from ppa seems good - log below:

#1 clean env (dir not pre-existing)
#1.1 dir exists after install - ok
#1.2 right ownership - ok
#1.3 socket created - ok
     /var/lib/libvirt/qemu/channel/target/kvmguest-testgachannel.org.qemu.guest_agent.0=
#1.4 apparmor rule - ok
     owner "/var/lib/libvirt/qemu/channel/target/kvmguest-testgachannel.**" rw,
#1.5 Guest working - ok

#2 dir pre-existing but under right ownership/perm
#2.1 - #2.5 as in #1 - ok
#2.6 - no error/conflict due to existing dir

#3 dir pre-existing but under other ownership/perm
#3.1 dir exists after install - ok
#3.2 ownership preserved from before install - ok
#3.3 - apparmor rule creates correctly - ok
#3 fails due to ownership not allowing qemu to create our example guest, but we want to preserve what a user has set up - so ok

[1]: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/2923