Comment 0 for bug 2056739

Running any VM in libvirt causes a new AppArmor violation in current noble. This is a regression, this didn't happen in any previous release.

Reproducer:

  virt-install --memory 50 --pxe --virt-type qemu --os-variant alpinelinux3.8 --disk none --wait 0 --name test1

(This is the simplest way to create a test VM. But it's form or shape doesn't matter at all).

Results in lots of

audit: type=1400 audit(1710146677.570:108): apparmor="DENIED" operation="open" class="file" profile="virt-aa-helper" name="/etc/gnutls/config" pid=1480 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

libvirt-daemon 10.0.0-2ubuntu1
apparmor 4.0.0~alpha4-0ubuntu1
libgnutls30:amd64 3.8.3-1ubuntu1