Can you show which libvirt version you are using?
Can you show the results of:
ls -l /etc/apparmor.d/libvirt
ls -l /proc /proc/self /proc/self/attr
And then the following manual test:
cd /tmp
cat > testprofile << EOF
profile i_cant_be_trusted_anymore {
/etc/ld.so.cache mr,
/lib/ld-*.so* mrix,
/lib/libc*.so* mr,
/usr/bin/head ix,
}
EOF
cat > aa_change_profile << EOF
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/apparmor.h>
int main()
{
errno = 0;
int ret = aa_change_profile("i_cant_be_trusted_anymore");
printf("aa_change_profile returned %d %d\n", ret, errno);
ret = system("/bin/bash");
printf("bash returned %d %d\n", ret, errno);
}
EOF
apparmor_parser /tmp/testprofile
sudo apt-get -y install libapparmor-dev
gcc -o aa_change_profile aa_change_profile.c -lapparmor
sudo ./aa_change_profile
sudo strace -f ./aa_change_profile
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1513367
Title:
qemu-system-x86_64/kvm-spice failed to boot a vm with appmor enabled
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1513367/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
