Sounds like the path changed.
You'll need to add the following rule to /etc/apparmor.d/usr.sbin.dnsmasq (or
to the local/ include):
/var/lib/lxd/networks/lxdbr*/dnsmasq.leases rw,
BTW: Do you know if lxd supports different network interface types that
don't match the lxdbr* name pattern? If yes, we'll need to add a more
permissive rule.
** Also affects: apparmor
Importance: Undecided
Status: New
** Tags added: aa-policy
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1634199
Title:
In 16.10, LXD won't work with enforced dsnmasq profile
Status in AppArmor:
New
Status in apparmor package in Ubuntu:
New
Bug description:
After upgrading to 16.0, LXD networking stopped working due to
enforced dnsmasq profile.
audit: type=1400 audit(1476709813.572:4291): apparmor="DENIED"
operation="truncate" profile="/usr/sbin/dnsmasq"
name="/var/lib/lxd/networks/lxdbr0/dnsmasq.leases" pid=13540
comm="dnsmasq" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1634199/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
