** Changed in: libvirt (Ubuntu Lucid)
Milestone: ubuntu-10.04.1 => ubuntu-10.04.2
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
-
** Changed in: libvirt (Ubuntu Maverick)
Status: Triaged => Incomplete
** Changed in: libvirt (Ubuntu Lucid)
Status: Triaged => Incomplete
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification becaus
John, while this patch seems ok to me, this is really an upstream bug.
Can you submit a bug upstream (http://libvirt.org/bugs.html) and link to
it from this bug? Once upstream accepts it, we can cherrypick it for
Maverick, verify it and backport it to Lucid. Thanks!
--
apparmor driver blocks acce
Patch to allow PCI pass through to work woth app armor. It's currently
missing a couple of files
** Patch added: "8001-apparmor-extras-for-pci-passthru.patch"
http://launchpadlibrarian.net/50106988/8001-apparmor-extras-for-pci-passthru.patch
--
apparmor driver blocks access to hostdev and pc
Looks like it needs device as well. Will attach a patch shortly
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
util/pci.c in function pciDeviceFileIterate
needs vendor added as a directory match:wq
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: libvirt (Ubuntu Lucid)
Milestone: ubuntu-10.04 => ubuntu-10.04.1
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
Found the apparmour errors in syslog, related to virt-aa helper.
I added /sys/devices/** r, to usr.lib.virt-aa-helper and got a bit further.
Still getting this:
May 10 23:14:25 hal kernel: [ 179.037233] type=1503
audit(1273529665.107:22): operation="open" pid=1601 parent=1 profile
="libvirt-
Hmm, it seems thats actually because usb2 is not supported in KVM?
I tried passing through the PCI card itself, but I'm back to permission
denied :(
device: 03:06.0: driver="pci-assign" host="03:06.0"
device: 03:06.1: driver="pci-assign" host="03:06.1"
device: 03:06.2: driver="pci-assign" host="0
Rebooting the PC fixed that problem so I guess something hadn't been reloaded.
I've also added /dev/** rwk, to the apparmour profile. Taking it away doesn't
stop it from working again, although I've not tried rebooting the host yet.
It still doesn't quite work however, as now (on the guest) I see
Hi,
I think I may also be having this problem, I'm trying to pass through a PCI
WinTV NOVA T 500.
It's actually a pair of USB DVB-T tuners on a PCI card so it needed the 'three
stars' in the /sys path in the apparmour profile.
I appended the improved solution:
/sys/bus/usb/devices/ r,
/sys
Andreas, thanks for reporting back. abstractions/libvirt-qemu and
usr.lib.libvirt.virt-aa-helper are used by different applications. Eg,
virt-aa-helper is confined by the usr.lib.libvirt.virt-aa-helper profile
and VMs include the libvirt-qemu abstraction. Please file a different
bug regarding hot a
Oh and it seems that disconnecting/detaching an USB device from the
running VM doesn't work at all? virt-manager complains:
Device could not be removed from the running machine.
This change will take effect after the next VM reboot
But this has probably nothing to do with AppArmor and may just be
Jamie, yes this fixes it. thank you!
I notice however some redundancies between abstractions/libvirt-qemu and
usr.lib.libvirt.virt-aa-helper? At least the line "/sys/bus/usb/devices/
r," appears in both, don't know if that matters any, though. So that's
good :)
But now I have discovered something
Andreas, can you adjust this to be:
/sys/bus/usb/devices/ r,
/sys/bus/usb/devices/** r,
/sys/devices/**/usb[0-9]*/** r,
and report back if it fixes it for you?
** Changed in: libvirt (Ubuntu Lucid)
Status: Fix Released => Incomplete
--
apparmor driver blocks access to hostdev and p
Looks like I found it. The VM in my case is trying to access
/sys/devices/pci:00/:00:1e.0/:01:04.4/usb6/devnum
but the abstractions/libvirt-qemu profile only allows
/sys/bus/usb/devices/ r,
/sys/devices/*/*/usb[0-9]*/** r,
when it should (also) allow
/sys/devices/*/*/*/usb[0-
Interestingly, or perhaps not, merely running /etc/init.d/apparmor stop
isn't enough. I stop AppArmor, restart Libvirt and then start my VMs.
However upon starting a VM an AppArmor profile still gets loaded and
thus AppArmor denies access to the USB device I want to pass through. I
have to run /etc
I'm sorry to post to this bug that has a status of "Fix released" but I
am not sure it is really fixed. I have a situation similar too the
original poster's concerning a USB card reader that won't make it past
AppArmor it seems. Using libvirt-bin 0.7.5-5ubuntu27.
Situation: one of our servers was
Francesco. Excellent, thanks for your feedback. This will be added in
0.7.5-5ubuntu26. I am going to mark this back to Fix Released since it
works some of the time as is. Please file a new bug if 0.7.5-5ubuntu26
doesn't resolve the issue for you.
** Changed in: libvirt (Ubuntu Lucid)
Status
Yes, that worked! :)
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://
Err... sorry, that last message was for Francesco, not Claas.
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing l
Class,
Can you add the following line to
/etc/apparmor.d/usr.lib.libvirt.virt-aa-helper:
/sys/bus/usb/devices/ r,
/sys/bus/usb/devices/** r,
Then perform:
$ sudo apparmor_parser -r /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper
and try to start the VM again?
** Changed in: libvirt (Ubuntu
I used virt-manager:
storage
0175b337-5faf-42ba-d6a7-bb60ec8da4ad
1572864
1572864
1
hvm
destroy
restart
restart
/usr/bin/kvm
Francesco, how did you add this item? Can you attach the XML for the VM
in question by using 'virsh dumpxml '.
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Bugs, which is
FYI: I didn't try the latest fix since apparmor causes all kinds of
trouble in the last days. Since I need a stable KVM I didn't test the
fix so far. Maybe I have some spare time tomorrow.
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You re
Just to confirm something is still not working for me:
$ sudo apt-cache showpkg libvirt-bin
Package: libvirt-bin
Versions:
0.7.5-5ubuntu25
Adding the generic (and unsafe) line:
/dev/bus/usb/*/[0-9]* rw,
to /etc/apparmor.d/abstractions/libvirt-qemu and reloading profiles
works for me so it se
I'm using libvirt-bin 0.7.5-5ubuntu25 and the bug is still there. Is the
fix lost somewhere?
My /var/log/libvirt/qemu/storage.log have these lines:
usb_create: no bus specified, using "usb.0" for "usb-host"
husb: open device 6.2
/dev/bus/usb/006/002: Permission denied
husb: open device 6.2
/dev/b
libvirt 0.7.5-5ubuntu21 is accepted into lucid, but some of the
intermediate versions were bounced out of the queue for simplicity's
sake - so this didn't get autoclosed. Changelog entry:
libvirt (0.7.5-5ubuntu19) lucid; urgency=low
* fix for hostdev devices (LP: #545795). This can be dropped i
** Changed in: libvirt (Ubuntu Lucid)
Milestone: ubuntu-10.04-beta-2 => ubuntu-10.04
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Uploaded 0.7.5-5ubuntu19 which fixes this. Just needs to be approved.
** Changed in: libvirt (Ubuntu Lucid)
Status: In Progress => Fix Committed
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because
Actually, I thought about this some more and I can get this to work for
Lucid.
** Changed in: libvirt (Ubuntu Lucid)
Status: Won't Fix => In Progress
** Changed in: libvirt (Ubuntu Lucid)
Milestone: None => ubuntu-10.04-beta-2
--
apparmor driver blocks access to hostdev and pcidev de
Changes are too big for Lucid. This will be fixed in Maverick and
upstream libvirt 0.7.8.
** Changed in: libvirt (Ubuntu Lucid)
Status: In Progress => Won't Fix
** Changed in: libvirt (Ubuntu)
Status: In Progress => Triaged
** Changed in: libvirt (Ubuntu)
Milestone: None => lat
I'm going to unmilestone this since it mostly depends on bug #553737. If
that bug is fixed, I can add my upstream work to it, otherwise this may
have to wait until lucid+1.
** Changed in: libvirt (Ubuntu Lucid)
Milestone: ubuntu-10.04-beta-2 => None
** Changed in: libvirt (Ubuntu Lucid)
** Changed in: libvirt (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Also affects: libvirt (Ubuntu Lucid)
Importance: Medium
Assignee: Jamie Strandboge (jdstrand)
Status: Triaged
** Changed in: libvirt (Ubuntu Lucid)
Milestone: None => ubuntu-10.04-beta
34 matches
Mail list logo
