Ubuntu
libvirt package

Bug #1993304
Comment #5

Comment 5 for bug 1993304

Revision history for this message

Jelle van der Waa (jelle-vdwaa) wrote on 2022-10-21:

1. Applying that custom rule works
2. On 22.10 it's

root@ubuntu:~# cat /etc/apparmor.d/libvirt/libvirt-5ed35ab0-afe6-4d5b-b1dd-f249242260a6.files
# DO NOT EDIT THIS FILE DIRECTLY. IT IS MANAGED BY LIBVIRT.
  "/var/log/libvirt/**/subVmTest1.log" w,
  "/var/lib/libvirt/qemu/domain-subVmTest1/monitor.sock" rw,
  "/var/lib/libvirt/qemu/domain-1-subVmTest1/*" rw,
  "/run/libvirt/**/subVmTest1.pid" rwk,
  "/run/libvirt/**/*.tunnelmigrate.dest.subVmTest1" rw,
  "/var/lib/libvirt/images/subVmTest1-2.img" rwk,
  "/var/log/libvirt/console-subVmTest1.log" rw,
  "/var/log/libvirt/console-subVmTest1.log" rw,
  "/dev/vhost-net" rw,
  "/var/lib/libvirt/qemu/domain-1-subVmTest1/{,**}" rwk,
  "/var/lib/libvirt/qemu/channel/target/domain-1-subVmTest1/{,**}" rwk,
  "/var/lib/libvirt/qemu/domain-1-subVmTest1/master-key.aes" rwk,
  "/dev/net/tun" rwk,

Working version:

root@ubuntu:~# cat /etc/apparmor.d/libvirt/libvirt-a70443f4-ff95-480a-ad89-370cc5fce495.files
# DO NOT EDIT THIS FILE DIRECTLY. IT IS MANAGED BY LIBVIRT.
  "/var/log/libvirt/**/subVmTest1.log" w,
  "/var/lib/libvirt/qemu/domain-subVmTest1/monitor.sock" rw,
  "/var/lib/libvirt/qemu/domain-1-subVmTest1/*" rw,
  "/run/libvirt/**/subVmTest1.pid" rwk,
  "/run/libvirt/**/*.tunnelmigrate.dest.subVmTest1" rw,
  "/var/lib/libvirt/images/subVmTest1-2.img" rwk,
  "/var/log/libvirt/console-subVmTest1.log" rw,
  "/var/log/libvirt/console-subVmTest1.log" rw,
  "/var/lib/libvirt/qemu/domain-1-subVmTest1/{,**}" rwk,
  "/var/lib/libvirt/qemu/channel/target/domain-1-subVmTest1/{,**}" rwk,
  "/var/lib/libvirt/qemu/domain-1-subVmTest1/master-key.aes" rwk,
  "/dev/net/tun" rwk,

Ubuntulibvirt package

Comment 5 for bug 1993304

Ubuntu
libvirt package