Reproducing this with LXD. Launching a VM from the latest questing image available (20250903): lxc launch ubuntu-daily:25.10 --vm
The relevant package versions: Package: linux-virtual Version: 6.17.0-4.4 Package: systemd Version: 257.9-0ubuntu1 Package: apparmor Version: 5.0.0~alpha1-0ubuntu6 We see the following denied logs: journalctl --no-pager | grep DENIED Sep 18 13:57:12 excited-lion kernel: audit: type=1400 audit(1758203832.865:196): apparmor="DENIED" operation="capable" class="cap" profile="systemd-detect-virt" pid=973 comm="systemd-detect-" capability=12 capname="net_admin" Sep 18 13:57:12 excited-lion kernel: audit: type=1400 audit(1758203832.868:197): apparmor="DENIED" operation="sendmsg" class="file" info="Failed name lookup - disconnected path" error=-13 profile="systemd-detect-virt" name="run/systemd/journal/socket" pid=973 comm="systemd-detect-" requested_mask="w" denied_mask="w" fsuid=0 ouid=0 Sep 18 13:57:12 excited-lion kernel: audit: type=1400 audit(1758203832.868:198): apparmor="DENIED" operation="capable" class="cap" profile="systemd-detect-virt" pid=973 comm="systemd-detect-" capability=38 capname="perfmon" Sep 18 13:57:12 excited-lion kernel: audit: type=1400 audit(1758203832.868:199): apparmor="DENIED" operation="getattr" class="file" info="Failed name lookup - disconnected path" error=-13 profile="systemd-detect-virt" name="" pid=973 comm="systemd-detect-" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 Sep 18 13:57:12 excited-lion kernel: audit: type=1400 audit(1758203832.868:200): apparmor="DENIED" operation="getattr" class="file" info="Failed name lookup - disconnected path" error=-13 profile="systemd-detect-virt" name="" pid=973 comm="systemd-detect-" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 Sep 18 13:57:12 excited-lion kernel: audit: type=1400 audit(1758203832.868:201): apparmor="DENIED" operation="sendmsg" class="file" info="Failed name lookup - disconnected path" error=-13 profile="systemd-detect-virt" name="run/systemd/notify" pid=973 comm="systemd-detect-" requested_mask="w" denied_mask="w" fsuid=0 ouid=0 Sep 18 13:57:13 excited-lion kernel: audit: type=1400 audit(1758203833.978:203): apparmor="DENIED" operation="getattr" class="file" info="Failed name lookup - disconnected path" error=-13 profile="systemd-detect-virt" name="" pid=1065 comm="systemd-detect-" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 Sep 18 13:57:13 excited-lion kernel: audit: type=1400 audit(1758203833.978:204): apparmor="DENIED" operation="getattr" class="file" info="Failed name lookup - disconnected path" error=-13 profile="systemd-detect-virt" name="" pid=1065 comm="systemd-detect-" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 Sep 18 13:57:13 excited-lion kernel: audit: type=1400 audit(1758203833.978:205): apparmor="DENIED" operation="capable" class="cap" profile="systemd-detect-virt" pid=1065 comm="systemd-detect-" capability=12 capname="net_admin" -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2124958 Title: systemd-detect-virt denied perfmon Status in apparmor package in Ubuntu: New Bug description: In testing the latest Questing daily Azure images we start seeing the following denied logs: Sep 14 21:31:24 alan-questing-base-bpajhqaxvj kernel: audit: type=1400 audit(1757885484.185:187): apparmor="DENIED" operation="capable" class="cap" profile="systemd-detect-virt" pid=1012 comm="systemd- detect-" capability=38 capname="perfmon" This started between image builds on 2025-08-22 and 2025-08-25. The following is the change in the image manifest: Packages added: linux-azure-cloud-tools-6.16.0-1001: 6.16.0-1001.1 linux-azure-headers-6.16.0-1001: 6.16.0-1001.1 linux-azure-tools-6.16.0-1001: 6.16.0-1001.1 linux-cloud-tools-6.16.0-1001-azure: 6.16.0-1001.1 linux-headers-6.16.0-1001-azure: 6.16.0-1001.1 linux-image-6.16.0-1001-azure: 6.16.0-1001.1 linux-modules-6.16.0-1001-azure: 6.16.0-1001.1 linux-tools-6.16.0-1001-azure: 6.16.0-1001.1 Packages removed: linux-modules-6.14.0-1007-azure: 6.14.0-1007.7+25.10.1 linux-headers-6.14.0-1007-azure: 6.14.0-1007.7+25.10.1 libdw1t64:amd64: 0.193-1 linux-azure-headers-6.14.0-1007: 6.14.0-1007.7+25.10.1 linux-cloud-tools-6.14.0-1007-azure: 6.14.0-1007.7+25.10.1 linux-image-6.14.0-1007-azure: 6.14.0-1007.7+25.10.1 linux-azure-cloud-tools-6.14.0-1007: 6.14.0-1007.7+25.10.1 linux-tools-6.14.0-1007-azure: 6.14.0-1007.7+25.10.1 linux-azure-tools-6.14.0-1007: 6.14.0-1007.7+25.10.1 Packages modified: libpython3.13-minimal:amd64: 3.13.7-1 libpython3.13-stdlib:amd64: 3.13.7-1 libreadline8t64:amd64: 8.3-1ubuntu1 linux-tools-common: 6.16.0-16.16 python3.13: 3.13.7-1 python3.13-minimal: 3.13.7-1 readline-common: 8.3-1ubuntu1 sudo: 1.9.16p2-3ubuntu2 linux-azure: 6.16.0-1001.1+1 linux-cloud-tools-azure: 6.16.0-1001.1+1 linux-cloud-tools-common: 6.16.0-16.16 linux-headers-azure: 6.16.0-1001.1+1 linux-image-azure: 6.16.0-1001.1+1 linux-tools-azure: 6.16.0-1001.1+1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2124958/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
