group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1546674] Re: virt-aa-helper Apparmor profile missing rules for name resolution

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Stefan Bader <stefan.bader@xxxxxxxxxxxxx>
Date: Fri, 07 Oct 2016 08:20:59 -0000
Reply-to: Bug 1546674 <1546674@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** Also affects: libvirt (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: libvirt (Ubuntu Xenial)
   Importance: Undecided => Medium

** Changed in: libvirt (Ubuntu Xenial)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1546674

Title:
  virt-aa-helper Apparmor profile missing rules for name resolution

Status in libvirt package in Ubuntu:
  Triaged
Status in libvirt source package in Xenial:
  Triaged

Bug description:
  With libvirt-bin 1.3.1, starting a QEMU guest results in those AA
  denials:

  Feb 17 12:06:23 simon-laptop kernel: [15734.513696] audit: type=1400 audit(1455728783.639:73): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/etc/nsswitch.conf" pid=23156 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Feb 17 12:06:23 simon-laptop kernel: [15734.513718] audit: type=1400 audit(1455728783.639:74): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/etc/host.conf" pid=23156 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Feb 17 12:06:23 simon-laptop kernel: [15734.513734] audit: type=1400 audit(1455728783.639:75): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/run/resolvconf/resolv.conf" pid=23156 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Feb 17 12:06:23 simon-laptop kernel: [15734.513885] audit: type=1400 audit(1455728783.639:76): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/run/resolvconf/resolv.conf" pid=23156 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

  
  virt-aa-helper's AA profile hasn't changed recently so it seems like the helper is doing more in this release.

  Additional information:

  $ lsb_release -rd
  Description:	Ubuntu Xenial Xerus (development branch)
  Release:	16.04

  $ apt-cache policy apparmor libvirt-bin
  apparmor:
    Installed: 2.10-3ubuntu1
    Candidate: 2.10-3ubuntu1
    Version table:
   *** 2.10-3ubuntu1 500
          500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
          100 /var/lib/dpkg/status
  libvirt-bin:
    Installed: 1.3.1-1ubuntu1
    Candidate: 1.3.1-1ubuntu1
    Version table:
   *** 1.3.1-1ubuntu1 500
          500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
          100 /var/lib/dpkg/status

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: libvirt-bin 1.3.1-1ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-5.20-generic 4.4.1
  Uname: Linux 4.4.0-5-generic x86_64
  NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
  ApportVersion: 2.20-0ubuntu3
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Wed Feb 17 13:08:04 2016
  KernLog:
   
  SourcePackage: libvirt
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']
  modified.conffile..etc.libvirt.qemu.networks.default.xml: [deleted]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1546674/+subscriptions