Apparmor security unavailable
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libvirt (Ubuntu) |
Confirmed
|
Undecided
|
Jamie Strandboge |
Bug Description
System: basic Lucid, with installation in accordance exactly with Ubuntu website instructions, etc, etc. Everything is basically default Lucid setup with up-to-date packages.
KVM, installed XP Pro successfully.
Runs well except for complete inability to make USB devices, etc, available.
Description: Ubuntu 10.04.2 LTS
Release: 10.04
qemu-kvm:
Installed: 0.12.3+
Candidate: 0.12.3+
Version table:
*** 0.12.3+
500 http://
500 http://
100 /var/lib/
0.
500 http://
libvirt-bin:
Installed: 0.7.5-5ubuntu27.8
Candidate: 0.7.5-5ubuntu27.8
Version table:
*** 0.7.5-5ubuntu27.8 0
500 http://
100 /var/lib/
0.
500 http://
0.
500 http://
ubuntu-vm-builder:
Installed: 0.12.4-0ubuntu0.2
Candidate: 0.12.4-0ubuntu0.2
Version table:
*** 0.12.4-0ubuntu0.2 0
500 http://
500 http://
100 /var/lib/
0.
500 http://
bridge-utils:
Installed: 1.4-5ubuntu2
Candidate: 1.4-5ubuntu2
Version table:
*** 1.4-5ubuntu2 0
500 http://
100 /var/lib/
virt-manager:
Installed: 0.8.2-2ubuntu8
Candidate: 0.8.2-2ubuntu8
Version table:
*** 0.8.2-2ubuntu8 0
500 http://
100 /var/lib/
USB devices become available with very dangerous chown -R of /dev/devices/...usb
Dangerous edits, as per other filed bugs, to /etc/apparmor.
In Virtual machine manager, and in virsh, security "model" is not enabled / available / listed. No security is listed in the domain XML file.
Changing /etc/apparamor/
Rebooting dozens of times does not work.
This is in many ways the opposite of bug #588369.
I am filing as a bug because all the utilities and their docs mention apparmor, but fail completely and _silently_ when this problem occurs, and there is not even howto assistance. For example, the virtual manager GUI leaves the security model under "overview" as unselectable, and leaves the user completely in the dark.
qemu.conf has the line:
# security_driver = "selinux"
The only file in /etc/apparmor.
Thank you for filing a bug and helping to make Ubuntu better. Can you perform:
$ sudo apport-collect 723361
This will collect various pieces of information from your system for debugging and attach them to this bug.