touch-packages team mailing list archive

Thread
Date

[Bug 1511830] Re: apparmor denies VM startup when image is network mounted

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Jamie Strandboge <jamie@xxxxxxxxxx>
Date: Mon, 02 Nov 2015 16:46:05 -0000
Reply-to: Bug 1511830 <1511830@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

As Christian mentioned, just need to adjust the virt-aa-helper policy.
Removing the apparmor task.

** No longer affects: apparmor (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1511830

Title:
  apparmor denies VM startup when image is network mounted

Status in libvirt package in Ubuntu:
  New

Bug description:
  If I attempt to start a VM with one of its disk images on a libvirt
  managed NFS mount, it fails:

  Oct 30 15:30:56 athens kernel: [545232.917662] audit: type=1400
  audit(1446233456.718:81): apparmor="DENIED" operation="sendmsg"
  profile="/usr/lib/libvirt/virt-aa-helper" pid=13760 comm="virt-aa-
  helper" laddr=fd60:e0:a0f4:121::8 lport=757 faddr=fd60:e0:a0f4:121::4
  fport=2049 family="inet6" sock_type="stream" protocol=6

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1511830/+subscriptions