Hi, On Thu, Jun 06, 2019 at 05:31:51PM -0400, Sam Hartman wrote: > package: libvirt-daemon-system > severity: important > version: 5.0.0-3 > > Upgrading stretch to buster. > After the upgrade, libvirt could not read /etc/pki/qemu/server-cert.pem > and server-key.pem. > > This is because of the apparmor profile. > > I think that's the default place where you're supposed to put spice and > vnc certs if you're using tls. > > Please include /etc/pki/qemu and /etc/pki/libvirt-spice (the old > location) as directories that qemu run by libvirt is permitted to read.
I'm happy to apply a (tested) patch (lacking bandwidth for anything else) and I'll do an upload before the buster deadline. Cheers, -- Guido
