virt-aa-helper restricts arm64 QEMU_EFI.fd binary
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libvirt (Ubuntu) |
Fix Released
|
Undecided
|
William Grant |
Bug Description
Attempting to use libvirt to start a VM on arm64 with the installed path of the qemu-efi package fails
$ /usr/lib/
virt-aa-helper: error: /usr/share/
virt-aa-helper: error: skipped restricted file
virt-aa-helper: error: invalid VM definition
This is because /usr/share/ is a restricted path in virt-aa-helper.c and an exception isn't made in restricted_rw for /usr/share/qemu-efi like it is for other firmware images like /usr/share/ovmf/
Also, although I haven't directly run into it /etc/apparmor.
/usr/lib/
/usr/lib/
Changed in libvirt (Ubuntu): | |
assignee: | nobody → William Grant (wgrant) |
status: | New → In Progress |
This bug was fixed in the package libvirt - 1.3.1-1ubuntu10
---------------
libvirt (1.3.1-1ubuntu10) xenial; urgency=medium
* d/p/u/virt- aa-helper- apparmor- allow-usr- share-AAVMF- too.patch: Allow qemu-efi/ ** for aarch64 UEFI.
access to /usr/share/AAVMF/** and /usr/share/
(LP: #1538882)
-- William Grant <email address hidden> Fri, 15 Apr 2016 12:08:21 +1000