Ubuntu
libvirt package

  1. Bug #632696
  2. Comment #5

Comment 5 for bug 632696

Revision history for this message
Serge Hallyn (serge-hallyn) wrote : Re: libvirt won't start a VM when apparmor is enabled

Sample results from 'grep denied /var/log/kern.log':

Sep 7 15:41:57 sergelap kernel: [30930.845626] type=1400 audit(1283892117.360:30): apparmor="DENIED" operation="open" parent=17387 profile="libvirt-a991f316-eebc-e584-72c2-857666db8606" name="/proc/17396/fd/" pid=17396 comm="kvm" requested_mask="r" denied_mask="r" fsuid=117 ouid=117
Sep 7 15:41:57 sergelap kernel: [30930.845736] type=1400 audit(1283892117.360:31): apparmor="DENIED" operation="exec" parent=17387 profile="libvirt-a991f316-eebc-e584-72c2-857666db8606" name="/usr/lib/pt_chown" pid=17396 comm="kvm" requested_mask="x" denied_mask="x" fsuid=117 ouid=0
Sep 7 15:42:20 sergelap kernel: [30954.413408] type=1400 audit(1283892140.950:34): apparmor="DENIED" operation="open" parent=17990 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/proc/17994/fd/" pid=17994 comm="kvm" requested_mask="r" denied_mask="r" fsuid=117 ouid=117
Sep 7 15:42:20 sergelap kernel: [30954.413532] type=1400 audit(1283892140.950:35): apparmor="DENIED" operation="exec" parent=17990 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/usr/lib/pt_chown" pid=17994 comm="kvm" requested_mask="x" denied_mask="x" fsuid=117 ouid=0
Sep 7 15:42:59 sergelap kernel: [30992.430445] type=1400 audit(1283892179.000:38): apparmor="DENIED" operation="open" parent=19012 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/proc/19017/fd/" pid=19017 comm="kvm" requested_mask="r" denied_mask="r" fsuid=117 ouid=117
Sep 7 15:42:59 sergelap kernel: [30992.430571] type=1400 audit(1283892179.000:39): apparmor="DENIED" operation="exec" parent=19012 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/usr/lib/pt_chown" pid=19017 comm="kvm" requested_mask="x" denied_mask="x" fsuid=117 ouid=0
Sep 7 15:56:14 sergelap kernel: [31787.351880] type=1400 audit(1283892974.630:66): apparmor="DENIED" operation="open" parent=4601 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/proc/4611/fd/" pid=4611 comm="kvm" requested_mask="r" denied_mask="r" fsuid=117 ouid=117
Sep 7 15:56:14 sergelap kernel: [31787.351977] type=1400 audit(1283892974.630:67): apparmor="DENIED" operation="exec" parent=4601 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/usr/lib/pt_chown" pid=4611 comm="kvm" requested_mask="x" denied_mask="x" fsuid=117 ouid=0
Sep 7 15:58:30 sergelap kernel: [31923.244075] type=1400 audit(1283893110.640:94): apparmor="DENIED" operation="open" parent=7942 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/proc/7947/fd/" pid=7947 comm="kvm" requested_mask="r" denied_mask="r" fsuid=117 ouid=117
Sep 7 15:58:30 sergelap kernel: [31923.244251] type=1400 audit(1283893110.640:95): apparmor="DENIED" operation="exec" parent=7942 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/usr/lib/pt_chown" pid=7947 comm="kvm" requested_mask="x" denied_mask="x" fsuid=117 ouid=0
Sep 7 16:07:56 sergelap kernel: [32488.497495] type=1400 audit(1283893676.410:98): apparmor="DENIED" operation="open" parent=19911 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/proc/19915/fd/" pid=19915 comm="kvm" requested_mask="r" denied_mask="r" fsuid=117 ouid=117
Sep 7 16:07:56 sergelap kernel: [32488.497600] type=1400 audit(1283893676.410:99): apparmor="DENIED" operation="exec" parent=19911 profile="libvirt-27f9f30c-5632-2504-5006-e329fcf24d32" name="/usr/lib/pt_chown" pid=19915 comm="kvm" requested_mask="x" denied_mask="x" fsuid=117 ouid=0