George, if you want to allow the lttng accesses, edit /etc/apparmor.d/libvirt/TEMPLATE and the other similar profiles in /etc/apparmor.d/libvirt/ and add:
/run/shm/lttng-ust-wait-5 rw,
Then run apparmor_parser --replace $(ls -1 /etc/apparmor.d/libvirt/libvirt* | grep -v files)
This does allow for cross-domain contamination. If you want to deny these accesses instead you can prepend "deny" to that rule above; I don't know if libvirt handles that gracefully or not, but it would prevent cross-domain contamination.
George, if you want to allow the lttng accesses, edit /etc/apparmor. d/libvirt/ TEMPLATE and the other similar profiles in /etc/apparmor. d/libvirt/ and add:
/run/ shm/lttng- ust-wait- 5 rw,
Then run apparmor_parser --replace $(ls -1 /etc/apparmor. d/libvirt/ libvirt* | grep -v files)
This does allow for cross-domain contamination. If you want to deny these accesses instead you can prepend "deny" to that rule above; I don't know if libvirt handles that gracefully or not, but it would prevent cross-domain contamination.
Thanks