group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #23439
[Bug 1384532] Re: Unable to set AppArmor profile [...] no such file or directory
Hi,
sorry for chiming in so late, but I haven't seen this issue before - the last update changed that.
Special chars as reported in comment #26 and comment #15 are an issue, but most of them are fixed or at a better error message now.
First of all since Ubuntu 17.10 (~=UCA-Pike) all files in generated
rules are in quotes which formerly they were not - that allows for some
chars like spaces.
Further some other chars are just plain forbidden and would break the
rule - these are mostly apparmor wilcards so these are now rejected
since v3.10.0 by a150b86c instead of later failing when loading the
profile.
That said it is hard for me to track details of the old issue, but with
a recent Ubuntu this should be all fixed.
With space a rule will now look as:
"/var/lib/uvtool/libvirt/images/a space does not hurt.qcow" rwk,
and work just fine.
But the actual issue - at least with tolerable special chars is fixed in
the latter releases. And the apparmor wildcards do not randomly fail, or
work or be a security issue - instead they always fail now.
I have to admit the message is still the old misleading one in the remaining failing cases.
I spawned bug 1767934 for this - but at low prio.
Per above I'd set the bug fix releases at least for the latter releases.
Given the long time this bug slumbers before a person is hit by it again and the fact that a simple file rename gets you around makes me not think of SRUs for this atm.
So I'll set won't fix for pre-Artful, but hey - discussions welcome.
** Changed in: libvirt (Ubuntu)
Status: Confirmed => Fix Released
** Also affects: libvirt (Ubuntu Artful)
Importance: Undecided
Status: New
** Also affects: libvirt (Ubuntu Bionic)
Importance: High
Status: Fix Released
** Also affects: libvirt (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: libvirt (Ubuntu Artful)
Status: New => Fix Released
** Changed in: libvirt (Ubuntu Xenial)
Status: New => Won't Fix
** Changed in: libvirt (Ubuntu Bionic)
Importance: High => Medium
** Changed in: libvirt (Ubuntu Artful)
Importance: Undecided => Medium
** Changed in: libvirt (Ubuntu Xenial)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1384532
Title:
Unable to set AppArmor profile [...] no such file or directory
Status in libvirt package in Ubuntu:
Fix Released
Status in libvirt source package in Xenial:
Won't Fix
Status in libvirt source package in Artful:
Fix Released
Status in libvirt source package in Bionic:
Fix Released
Bug description:
=================================================
Bugs are not infrequently reported along the lines of
Unable to set Apparmor Profile for [emulator]: No such file or directory
It is frequently (always?) the result of some value (a cdrom or disk
file) which has spaces of odd characters which mess up virt-aa-helper
or libvirt itself.
We should attempt to detect this early on. Perhaps we can use a qemu hook, or add a check in virt-aa-helper.
=================================================
/usr/bin/kvm-spice is a soft-link to /usr/bin/kvm
in /etc/apparmor.d/abstractions/libvirt-qemu there is no line for kvm-
spice.
This leads rise to the error:
libvirt: error : unable to set AppArmor profile 'libvirt-224075ba-a31a-48e9-98fe-337146e9f4f1' for '/usr/bin/kvm-spice': No such file or directory
when using e.g. OpenStack
$ lsb_release -rd
Description: Ubuntu 14.10
Release: 14.10
$ dpkg -l|grep libvirt-bin
ii libvirt-bin 1.2.8-0ubuntu11 amd64 programs for the libvirt library
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1384532/+subscriptions