[Bug 545302] Re: allow seabios in libvirt apparmor

rowez 545302 at bugs.launchpad.net
Wed Mar 23 18:59:00 UTC 2011 

In /etc/apparmor.d/abstractions:

Using libvirt-qemu and add /usr/share/seabios/** r, on row 59 (after
/usr/share/vgabios/** r,)

Restart apparmor and virsh!

In /var/log/syslog:

With /usr/share/seabios/** r, in /etc/appamor.d/abstractions/libvirt-
qemu:

Mar 23 19:36:24 node kernel: [13419.727042] type=1400 audit(1300905384.271:76): apparmor="STATUS" operation="profile_load" name="libvirt-5872b474-ad53-8708-db86-928a9d6655b6" pid=31215 comm="apparmor_parser"
Mar 23 19:36:24 node kernel: [13419.834767] type=1400 audit(1300905384.381:77): apparmor="DENIED" operation="open" parent=1 profile="libvirt-5872b474-ad53-8708-db86-928a9d6655b6" name="/dev/fb0" pid=31218 comm="kvm" requested_mask="rw" denied_mask="rw" fsuid=0 ouid=0
Mar 23 19:36:54 node libvirtd: 19:36:54.326: error : qemudOpenMonitorUnix:934 : monitor socket did not show up.: Connection refused
Mar 23 19:36:54 node kernel: [13450.036528] type=1400 audit(1300905414.581:78): apparmor="STATUS" operation="profile_remove" name="libvirt-5872b474-ad53-8708-db86-928a9d6655b6" pid=31294 comm="apparmor_parser"

Ubuntu default:

Mar 23 19:39:14 node kernel: [13589.524010] type=1400 audit(1300905554.071:94): apparmor="STATUS" operation="profile_load" name="libvirt-5872b474-ad53-8708-db86-928a9d6655b6" pid=31662 comm="apparmor_parser"
Mar 23 19:39:14 node kernel: [13589.629753] type=1400 audit(1300905554.171:95): apparmor="DENIED" operation="open" parent=1 profile="libvirt-5872b474-ad53-8708-db86-928a9d6655b6" name="/usr/share/seabios/bios.bin" pid=31665 comm="kvm" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 23 19:39:44 node libvirtd: 19:39:44.121: error : qemudOpenMonitorUnix:934 : monitor socket did not show up.: Connection refused
Mar 23 19:39:44 node kernel: [13619.797636] type=1400 audit(1300905584.341:96): apparmor="STATUS" operation="profile_remove" name="libvirt-5872b474-ad53-8708-db86-928a9d6655b6" pid=31731 comm="apparmor_parser"

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in Ubuntu.
https://bugs.launchpad.net/bugs/545302

Title:
  allow seabios in libvirt apparmor

More information about the Ubuntu-server-bugs mailing list