[Pkg-libvirt-maintainers] Bug#1061725: Info received (Bug#1061725: libvirt-daemon: Deleting external snapshot for non-running system VM fails with Permission Denied)
Martin Pitt
mpitt at debian.org
Mon Jan 29 08:52:38 GMT 2024
I can't make head or tail of this. aa-complain still enforces deny
rules, there is no (discoverable) way to log deny rules, and
grep -r deny /etc/apparmor.d | grep virt | grep -v /sys | grep -v /dev
doesn't show anything which would apply to /var/lib/libvirt/.
`aa-disable /etc/apparmor.d/libvirt/libvirt-a5aa3a67-6967-43a5-9d61-b0b380bd14e6` also
doesn't work because it references a non-existing
libvirt/libvirt-a5aa3a67-6967-43a5-9d61-b0b380bd14e6.files.
The only thing that works is
aa-disable libvirtd
systemctl restart libvirtd
(That requires apparmor-utils)
After that, the snapshot-delete command works.
I don't know what else I could try here to debug this properly, so a hint from
someone AppArmor-savvy would be much appreciated.
More information about the Pkg-libvirt-maintainers
mailing list