Comment 0 for bug 992378

Richard Laager (rlaager) wrote :

When using an iSCSI storage pool, libvirt tries to run /lib/udev/scsi_id, which is denied:

type=1400 audit(1335826589.499:26): apparmor="DENIED" operation="exec" parent=29400 profile="/usr/sbin/libvirtd" name="/lib/udev/scsi_id" pid=30552 comm="libvirtd" requested_mask="x" denied_mask="x" fsuid=0 ouid=0

The apparmor policy should allow execution of /lib/udev/scsi_id.

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: libvirt-bin 0.9.8-2ubuntu17
ProcVersionSignature: Ubuntu 3.2.0-24.37-generic 3.2.14
Uname: Linux 3.2.0-24-generic x86_64
ApportVersion: 2.0.1-0ubuntu7
Architecture: amd64
Date: Mon Apr 30 23:49:46 2012
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
ProcEnviron:
 TERM=xterm
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.apparmor.d.local.usr.sbin.libvirtd:
 # Site-specific additions and overrides for usr.sbin.libvirtd.
 # For more details, please see /etc/apparmor.d/local/README.
 /lib/udev/scsi_id PUx,
modified.conffile..etc.logrotate.d.libvirtd: [modified]
modified.conffile..etc.logrotate.d.libvirtd.lxc: [modified]
modified.conffile..etc.logrotate.d.libvirtd.qemu: [modified]
modified.conffile..etc.logrotate.d.libvirtd.uml: [modified]
mtime.conffile..etc.apparmor.d.local.usr.sbin.libvirtd: 2012-04-30T21:41:20.815809
mtime.conffile..etc.logrotate.d.libvirtd: 2012-04-30T17:53:14.571061
mtime.conffile..etc.logrotate.d.libvirtd.lxc: 2012-04-30T17:53:14.575062
mtime.conffile..etc.logrotate.d.libvirtd.qemu: 2012-04-30T17:53:14.575062
mtime.conffile..etc.logrotate.d.libvirtd.uml: 2012-04-30T17:53:14.579062