Guido Günther: >> Well, info="Failed name lookup - disconnected path" does ring a bell. >> It might be that the libvirtd profile needs the attach_disconnected >> flag (there are plenty of examples that do in my /etc/apparmor.d). >> Can you please try and report back?
> That worked, reassigning to libvirt. Thanks a lot! :) > That said this is a behaviour change in apparmor / kernel that breaks > existing profiles. Do we have any means to deal with such things? Not sure what we can do about it. I'm personally not closely tracking the kernel side of things. Ideally the upstream AppArmor mailing list would be notified when such changes are merged in Linux mainline. Cc'ing the upstream mailing list: what do you think? [Please drop the bug report, but keep Guido, in the list of recipients when replying.] Cheers, -- intrigeri
