2016-04-21 19:00:01 |
Simon Déziel |
description |
Trying to pass a SCSI device from the host to a VM with this XML definition:
<hostdev mode='subsystem' type='scsi' managed='no' sgio='filtered' rawio='no'>
<source>
<adapter name='scsi_host2'/>
<address bus='0' target='0' unit='0'/>
</source>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</hostdev>
Results in Apparmor denials like this during the VM startup:
apparmor="DENIED" operation="open" profile="libvirt-65e0d1b9-f6b1-4926-8648-dc685778555a" name="/dev/sg2" pid=7904 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=111 ouid=111
apparmor="DENIED" operation="open" profile="libvirt-65e0d1b9-f6b1-4926-8648-dc685778555a" name="/dev/sg2" pid=7904 comm="qemu-system-x86" requested_mask="wr" denied_mask="wr" fsuid=111 ouid=111
Workaround: add "owner /dev/sg2 rw," to /etc/apparmor.d/abstractions/libvirt-qemu
Additional information:
# lsb_release -rd
Description: Ubuntu 16.04 LTS
Release: 16.04
# apt-cache policy libvirt-bin apparmor
libvirt-bin:
Installed: 1.3.1-1ubuntu10
Candidate: 1.3.1-1ubuntu10
Version table:
*** 1.3.1-1ubuntu10 500
500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
apparmor:
Installed: 2.10.95-0ubuntu2
Candidate: 2.10.95-0ubuntu2
Version table:
*** 2.10.95-0ubuntu2 500
500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: libvirt-bin 1.3.1-1ubuntu10
ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
Uname: Linux 4.4.0-21-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20.1-0ubuntu2
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Apr 21 14:34:10 2016
KernLog:
SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']
modified.conffile..etc.libvirt.qemu.networks.default.xml: [deleted] |
Trying to pass a SCSI device from the host to a VM with this XML definition:
<hostdev mode='subsystem' type='scsi' managed='no' sgio='filtered' rawio='no'>
<source>
<adapter name='scsi_host2'/>
<address bus='0' target='0' unit='0'/>
</source>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</hostdev>
Results in Apparmor denials like this during the VM startup:
apparmor="DENIED" operation="open" profile="libvirt-65e0d1b9-f6b1-4926-8648-dc685778555a" name="/dev/sg2" pid=7904 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=111 ouid=111
apparmor="DENIED" operation="open" profile="libvirt-65e0d1b9-f6b1-4926-8648-dc685778555a" name="/dev/sg2" pid=7904 comm="qemu-system-x86" requested_mask="wr" denied_mask="wr" fsuid=111 ouid=111
Workaround:
Add "owner /dev/sg2 rw," to /etc/apparmor.d/libvirt/libvirt-$UUID and restart libvirt-bin.
Additional information:
# lsb_release -rd
Description: Ubuntu 16.04 LTS
Release: 16.04
# apt-cache policy libvirt-bin apparmor
libvirt-bin:
Installed: 1.3.1-1ubuntu10
Candidate: 1.3.1-1ubuntu10
Version table:
*** 1.3.1-1ubuntu10 500
500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
apparmor:
Installed: 2.10.95-0ubuntu2
Candidate: 2.10.95-0ubuntu2
Version table:
*** 2.10.95-0ubuntu2 500
500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: libvirt-bin 1.3.1-1ubuntu10
ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6
Uname: Linux 4.4.0-21-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20.1-0ubuntu2
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Apr 21 14:34:10 2016
KernLog:
SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']
modified.conffile..etc.libvirt.qemu.networks.default.xml: [deleted] |
|