[Pkg-libvirt-maintainers] Bug#924418: libvirt-daemon-system: apparmor prevents libvirtd from spawning VMs
Zrin
zrin+launchpad at ziborski.net
Tue Oct 6 00:22:31 BST 2020
Package: libvirt-daemon-system
Version: 6.6.0-2
Followup-For: Bug #924418
Dear Maintainer,
I've just hit the bug with a similar cause:
virt-aa-helper fails to create a parasble apparmor profile due to regex
meta characters in the path.
How to reproduce:
Try to, in the VM definition, attach an .iso file that contains e.g. {}
charaters in the name to the virtual CDROM.
apparmor_parser will fail to parse the profile because {} are regex
meta-characters.
Anyway, virt-aa-helper needs better error message propagation.
Best regards,
Zrin
-- System Information:
Debian Release: bullseye/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 5.8.0-2-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libvirt-daemon-system depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.74
ii gettext-base 0.19.8.1-10
ii iptables 1.8.5-3
ii libc6 2.31-3
ii libgcc-s1 10.2.0-9
ii libglib2.0-0 2.66.0-2
ii libvirt-clients 6.6.0-2
ii libvirt-daemon 6.6.0-2
ii libvirt-daemon-system-systemd 6.6.0-2
ii libvirt0 6.6.0-2
ii libxml2 2.9.10+dfsg-6
ii logrotate 3.16.0-3
ii policykit-1 0.105-29
Versions of packages libvirt-daemon-system recommends:
ii dmidecode 3.2-4
ii dnsmasq-base [dnsmasq-base] 2.82-1
ii iproute2 5.8.0-1
ii mdevctl 0.69-1
ii parted 3.3-4
Versions of packages libvirt-daemon-system suggests:
ii apparmor 2.13.4-3
pn auditd <none>
pn nfs-common <none>
pn open-iscsi <none>
pn pm-utils <none>
pn radvd <none>
ii systemd 246.6-1
pn systemtap <none>
pn zfsutils <none>
-- Configuration Files:
/etc/apparmor.d/usr.lib.libvirt.virt-aa-helper changed [not included]
[Access to other files that would be listed here was not possible -
permision denied]
-- debconf information:
libvirt-daemon-system/id_warning: true
More information about the Pkg-libvirt-maintainers
mailing list