Ubuntu
libvirt package

  1. Maverick (10.10)
  2. Bug #632696
  3. Comment #10

Comment 10 for bug 632696

Revision history for this message
Serge Hallyn (serge-hallyn) wrote : Re: [Bug 632696] Re: libvirt won't start a VM when apparmor is enabled

Quoting Jamie Strandboge (<email address hidden>):
> If the VM works, can you then add the ,serial> and <console> back, then add the following to /etc/apparmor.d/abstractions/libvirt-qemu:
> /usr/lib/pt_chown ix,
> owner ${PROC}/[0-9]*/fd/ r,
> owner ${PROC}/[0-9]*/fd/3 r,
>
> then try starting the virtual machine.

fails:

Sep 7 16:48:25 sergelap kernel: [34915.565965] type=1400 audit(1283896105.650:140): apparmor="DENIED" operation="open" parent=7384 profile="libvirt-4b49b0f2-18e7-ef59-f9c6-d37703a6ca21" name="/proc/7389/fd/" pid=7389 comm="kvm" requested_mask="r" denied_mask="r" fsuid=117 ouid=117
Sep 7 16:48:25 sergelap kernel: [34915.566156] type=1400 audit(1283896105.650:141): apparmor="DENIED" operation="exec" parent=7384 profile="libvirt-4b49b0f2-18e7-ef59-f9c6-d37703a6ca21" name="/usr/lib/pt_chown" pid=7389 comm="kvm" requested_mask="x" denied_mask="x" fsuid=117 ouid=0