[Bug 545795] Re: virt-manager allows selection of PCI devices for a VM but apparmor is not configured to allow access to the PCI device
Jamie Strandboge
jamie at ubuntu.com
Wed Mar 24 12:03:28 GMT 2010
Thank you for using Ubuntu and reporting a bug. This is a known issue and a limitation of the AppArmor driver. For now, you need to adjust /etc/apparmor.d/abstractions/libvirt-qemu to allow access to host hardware. For usb devices (hostdev), adjust this:
# WARNING: uncommenting these gives the guest direct access to host hardware.
# This is required for USB pass through but is a security risk. You have been
# warned.
#/sys/bus/usb/devices/ r,
#/sys/devices/*/*/usb[0-9]*/** r,
#/dev/bus/usb/*/[0-9]* rw,
To be:
# WARNING: uncommenting these gives the guest direct access to host hardware.
# This is required for USB pass through but is a security risk. You have been
# warned.
/sys/bus/usb/devices/ r,
/sys/devices/*/*/usb[0-9]*/** r,
/dev/bus/usb/*/[0-9]* rw,
You will have to add similar entries for PCI devices (pcidev).
** Changed in: libvirt (Ubuntu)
Importance: Undecided => Medium
** Changed in: libvirt (Ubuntu)
Status: New => Triaged
** Summary changed:
- virt-manager allows selection of PCI devices for a VM but apparmor is not configured to allow access to the PCI device
+ apparmor driver blocks access to hostdev and pcidev devices
** Tags added: apparmor
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
More information about the Ubuntu-server-bugs
mailing list