Comment 8 for bug 958549

Ken-ichi Mito (mitty) wrote :

I think AppArmor needs a new rule for /usr/bin/kvm-spice.

The reasons:

1) When I boot a VM, I get a kernel log like the one below every time, even if I set the VM's Video model to Cirrus.
Oct 13 22:45:08 HOSTNAME kernel: [507466.445098] type=1400 audit(1350135908.372:69): apparmor="DENIED" operation="open" parent=1 profile="libvirt-52d08545-a490-c890-654a-260caf35d27d" name="/proc/17685/auxv" pid=17685 comm="kvm-spice" requested_mask="r" denied_mask="r" fsuid=104 ouid=104

2) I change the VM's setting "<emulator>/usr/bin/kvm-spice</emulator>" to /usr/bin/kvm with "virsh edit VMNAME", and I get the BIOS boot menu correctly while the VM is booting. And there is no "DENIED" in the kernel log anymore.

I'm not familiar with AppArmor, so I have no idea how to set AppArmor properly.
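
Added example, not part of the comment above and not code from libvirt or AppArmor: a small Python triage script that parses AppArmor "DENIED" kernel records like the one quoted in the comment and groups repeats, so the same denial seen on every boot or across VMs shows up as one entry. The function names and the `<pid>`/`<uuid>` placeholders are assumptions of this example.

```python
import re
from collections import Counter

# Log line quoted in the comment above (HOSTNAME is as written there).
SAMPLE = (
    'Oct 13 22:45:08 HOSTNAME kernel: [507466.445098] type=1400 '
    'audit(1350135908.372:69): apparmor="DENIED" operation="open" parent=1 '
    'profile="libvirt-52d08545-a490-c890-654a-260caf35d27d" '
    'name="/proc/17685/auxv" pid=17685 comm="kvm-spice" requested_mask="r" '
    'denied_mask="r" fsuid=104 ouid=104'
)

# key=value or key="quoted value" pairs as printed in the audit record
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# Per-VM profile name of the form libvirt-<uuid>, as seen in the record above
VM_PROFILE = re.compile(r'^libvirt-[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$')


def parse_denial(line):
    """Return the fields of an AppArmor DENIED record, or None for other lines."""
    if 'apparmor="DENIED"' not in line:
        return None
    return {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}


def denial_key(rec):
    """Normalise the parts that change per boot (pid) and per VM (uuid)."""
    name = re.sub(r'^/proc/\d+/', '/proc/<pid>/', rec.get('name', ''))
    profile = rec.get('profile', '')
    if VM_PROFILE.match(profile):
        profile = 'libvirt-<uuid>'
    return (profile, rec.get('comm', ''), rec.get('operation', ''),
            name, rec.get('denied_mask', ''))


def summarise(lines):
    """Count DENIED records per normalised (profile, comm, operation, path, mask)."""
    counts = Counter()
    for line in lines:
        rec = parse_denial(line)
        if rec:
            counts[denial_key(rec)] += 1
    return counts


if __name__ == '__main__':
    for key, n in summarise([SAMPLE]).most_common():
        print(n, *key)
```
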