← Back to team overview

registry team mailing list archive

[Bug 457716] Re: apparmor denies save and restore

 

This bug was fixed in the package libvirt - 0.8.1-2ubuntu1

---------------
libvirt (0.8.1-2ubuntu1) maverick; urgency=low

  * Merge from debian unstable. Remaining changes:
    - Fixes:
      LP: #522845
      LP: #553737
      LP: #520386
    - debian/control:
      + Build-Depends on qemu-kvm, not qemu
      + Build-Depends on open-iscsi-utils, not open-iscsi
      + Build-Depends on libxml2-utils
      + Build-Depends on libapparmor-dev and Suggests apparmor
      + Bump bridge-utils, dnsmasq-base, netcat-openbsd, and iptables
        to Depends of libvirt-bin
      + Drop qemu-kvm and qemu to Suggests
      + We call libxen-dev libxen3-dev, so change all references
      + Rename Vcs-* to XS-Debian-Vcs-*
    - debian/libvirt-bin.postinst:
      + rename the libvirt group to libvirtd
      + add each admin user to the libvirtd group
      + reload apparmor profiles
    - debian/libvirt-bin.postrm:
      + rename the libvirt group to libvirtd
      + remove apparmor symlinks on purge
    - debian/README.Debian: add AppArmor section based on the upstream
      documentation
    - debian/rules:
      + update DEB_DH_INSTALLINIT_ARGS for upstart
      + add DEB_MAKE_CHECK_TARGET := check
      + use --with-apparmor
      + copy apparmor and apport hook to debian/tmp
    - add debian/libvirt-bin.upstart
    - debian/libvirt-bin.dirs: add /etc/apparmor.d/abstractions,
      /etc/apparmor.d/disable, /etc/apparmor.d/force-complain,
      /etc/apparmor.d/libvirt, /etc/cron.daily and
      /usr/share/apport/package-hooks
    - add debian/libvirt-bin.cron.daily
    - add debian/libvirt-bin.apport
    - debian/libvirt-bin.install: install apparmor profiles, abstractions
      and apport hook
    - debian/apparmor:
      - add TEMPLATE
      - add libvirt-qemu abstraction
      - add usr.lib.libvirt.virt-aa-helper
      - add usr.sbin.libvirtd
    - debian/patches/series:
      + don't apply 0002-qemu-disable-network.diff.patch
      + don't apply 0005-Terminate-nc-on-EOF.patch. Use
        9010-autodetect-nc-params.patch instead
      + 9000-delayed_iff_up_bridge.patch (refreshed)
      + 9001-dont_clobber_existing_bridges.patch
      + 9002-better_default_uri_virsh.patch (updated)
      + 9004-better-default-arch.patch
      + 9005-libvirtd-group-name.patch
      + 9006-increase-unix-socket-timeout.patch (refreshed)
      + 9007-default-config-test-case.patch (updated)
      + 9008-fix-daemon-conf-ftbfs.patch (rewritten)
      + 9009-run-as-root-by-default.patch (refreshed)
      + 9010-autodetect-nc-params.patch (refreshed, formerly 9015)
      + 9011-dont-disable-ipv6.patch (updated)
  * Dropped following packaging changes, no longer required with upgrades
    from Lucid:
    - debian/control:
      + versioned Conflicts/Replaces to libvirt0 for libvirt0-dbg
      + remove Build-Depends on libcap-ng-dev
    - debian/libvirt-bin.postinst: virt-aa-helper profile migration to
      /usr/lib/libvirt
    - debian/libvirt-bin.preinst: added to force complain on certain
      upgrades
  * Dropped the following patches, included upstream:
    - 0010-Use-base-16-for-product-vendor.patch
    - 9003-increase-logoutput-timeout.patch
    - 9010-apparmor-ftbfs.patch
    - 9011-node_device_driver.patch
    - 9012-dont-crash-on-restart.patch
    - 9013-apparmor-dont-clear-caps.patch
    - 9014-apparmor-remove-unloaded-profile-is-not-fatal.patch
    - 9016-disk-cache-setting-xml.patch
    - 9018-fix-pty-console.patch
    - 9019-apparmor-fix-xauth.patch
    - 9020-apparmor-fix-backingstore.patch
    - 9021-apparmor-fix-hostdev.patch
    - 9022-dont-leak-log-fd.path.patch
    - 9023-virt-pki-validate_fixes.patch
    - 9024-free-memory-for-invalid-devices.patch (use
      0008-Fix-leaks-in-udev-device-add-remove.patch from Debian)
  * debian/apparmor/usr.lib.libvirt.virt-aa-helper: allow access to ecryptfs
    files (LP: #591769)
  * debian/patches/9012-fix-nodeinfotest-ftbfs.patch: fix FTBFS in
    nodeinfotest. Drop in 0.8.2.
  * debian/patches/9013-apparmor-lp457716.patch: properly support/save and
    restore (LP: #457716). Drop in 0.8.2.
  * debian/apparmor/libvirt-qemu: remove workaround for LP: #457716
  * don't create and run ebtables script in /tmp:
    - debian/apparmor/usr.sbin.libvirt: allow ixr to /var/lib/libvirt/virtd*
      for new ebtables functionality added in 0.8.0
    - debian/patches/9014-move-ebtables-script.patch: update
      nwfilter_ebiptables_driver.c /var/lib/libvirt to use /var/lib/libvirt
      instead of /tmp

libvirt (0.8.1-2) unstable; urgency=low

  * [41aea79] Drop patchsys-quilt since this package is 3.0 (quilt) now.
    (Closes: #577919)
  * [978e3c9] libvirt-bin.init: export PATH. (Closes: #584333)
  * [e4f0869] virt-xml-validate needs xmllint from libxml2-utils.
    (Closes: #584869)
  * [bba6d72] New patch 0008-Fix-leaks-in-udev-device-add-remove.patch:
    Fix leaks in udev device add/remove. (Closes: #582965) - thanks to
    Nigel Jones for forwarding this

libvirt (0.8.1-1) unstable; urgency=low

  * [647cbd6] Imported Upstream version 0.8.1
        * fixes spurious syslog messages (Closes: #565275)
        * sysfs USB class parsing (Closes: #579208)
        * virsh honors $VISUAL (Closes: #574415)
  * [fecd1b9] Update libvirt symbols to 0.8.1
  * [3e58e0b] Drop patches merged upstream:
        * 0007-nwfilter-Don-t-crash-if-driverState-NULL.patch
        * 0008-Ignore-empty-type-statement-in-disk-element.patch
  * [561ab2e] New patch:
        * 0007-patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch:
          make qemuMonitorTextGetMigrationStatus to intercept unknown
          command 'info migrate' (Closes: #574272) - thanks to Andreas Bießmann
  * [aeda8ea] Enanble macvtap support

libvirt (0.8.0-2) unstable; urgency=low

  * [70fbcb6] New patch 0007-nwfilter-Don-t-crash-if-driverState- NULL.patch
    nwfilter: Don't crash if driverState == NULL (Closes: #577728)
  * [d7d1abd] New patch 0008-Ignore-empty-type-statement-in-disk-
    element.patch Ignore empty type statement in disk element
    (Closes: #578347)

libvirt (0.8.0-1) unstable; urgency=low

  * Imported Upstream version 0.8.0
  * Drop patches.
  * Update libvirt0 symbols.
  * Switch to new source format 3.0 (quilt).

libvirt (0.7.7-4) unstable; urgency=low

  [ Guido Günther ]
  * [cf4919c] Recommend either qemu-kvm or qemu

  [ Laurent Léonard ]
  * [1b12f02] Change libparted1.8-dev build dependency to libparted0- dev.
    (Closes: #574906)

libvirt (0.7.7-3) unstable; urgency=low

  * The "fix all those crashes" release
  * [f74e13a] Explicitly disable hal (Closes: #574177)
  * [21ef92b] New patch 0009-security-Set-permissions-for-kernel- initrd.patch
    security: Set permissions for kernel/initrd (Closes: #574241) - thanks to
    Cole Robinson
  * [b69d3cc] Revert "Enable NUMA support" since it breaks the python
    bindings.
  * [5f2ca4a] New patch 0010-Don-t-crash-without-a-security-driver.patch Don't
    crash without a security driver (Closes: #574359)

libvirt (0.7.7-2) unstable; urgency=low

  [ Guido Günther ]
  * [b350683] Enable parallel build
  * [b2a6aab] Enable NUMA support
  * [13274cf] New patch 0007-Work-around-broken-linux-socket.h.patch
    Work around broken linux/socket.h

  [ Laurent Léonard ]
  * [3c12caf] qemu: Fix USB by product with security enabled.

libvirt (0.7.7-1) unstable; urgency=low

  * [f944460] Imported Upstream version 0.7.7
  * [bd457cc] Redo patches.
  * [098d1d3] Update libvirt0 symbols.

libvirt (0.7.6-2) unstable; urgency=low

  * [72790fc] Drop hal dependency We're using udev for device enumeration.
  * [ce225c4][11cc6e9] New patch
    0006-Don-t-drop-caps-when-exec-ing-qemu.patch: Don't drop caps when
    exec'ing qemu. Instead of disabling libcap-ng better exclude this one exec
    so we get the additional security for the rest of the calls. Makes
    interface type="network" work again. (Closes: #565767)

libvirt (0.7.6-1) unstable; urgency=low

  * [0229557] Imported Upstream version 0.7.6
  * [6fdc00b] Drop patches.
  * [1b0670b] Update libvirt0 symbols.

libvirt (0.7.5-6) unstable; urgency=low

  [ Laurent Léonard ]
  * [a3b98c9] Don't free an uninitalized pointer in update_driver_name()
    (Closes: #565983) - thanks to Matthias Bolte
  * [719976d] Handle only official releases in debian/watch.
  * [83902d9] Bump Standards-Version to 3.8.4.

  [ Guido Günther ]
  * [959640d] New patch 0011-Fix-parsing-of-info-chardev-line-
    endings.patch Fix parsing of 'info chardev' line endings (Closes:
    #567818) - thanks to Matthew Booth

  [ Laurent Léonard ]
  * [0b2a9dd] Add $remote_fs to Required-Start and Required-Stop in
    libvirt-bin init script.
 -- Jamie Strandboge <jamie@xxxxxxxxxx>   Wed, 16 Jun 2010 14:22:39 -0500

** Changed in: libvirt (Ubuntu Maverick)
       Status: In Progress => Fix Released

-- 
apparmor denies save and restore
https://bugs.launchpad.net/bugs/457716
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Fedora.