Ubuntu
libvirt package

  1. Bug #1993304
  2. Comment #0

Comment 0 for bug 1993304

Revision history for this message
Jelle van der Waa (jelle-vdwaa) wrote :

Start a VM and attach an usb host device:

virsh attach-device --domain subVmTest1 --file /tmp/usbhostedxml

Contents of the file:

<hostdev mode='subsystem' type='usb'>
  <source>
    <vendor id='0x1d6b'/>
    <product id='0x0001'/>
  </source>
</hostdev>

audit: type=1400 audit(1666100716.885:298): apparmor="DENIED" operation="open" class="file" profile="libvirt-481c0a95-679a-487f-bbd4-f39761f9c982" name="/sys/bus/usb/devices/" pid=18217 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0

I've extended the apparmor profile (/etc/apparmor.d/abstractions/libvirt-qemu) for testing with two new lines, and now apparmor does not complain.

  /sys/bus/usb/devices r,
  /sys/bus/usb/devices/ r,
  /sys/bus/usb/devices/* r,