** Description changed: Trying to pass a SCSI device from the host to a VM with this XML definition: - <hostdev mode='subsystem' type='scsi' managed='no' sgio='filtered' rawio='no'> - <source> - <adapter name='scsi_host2'/> - <address bus='0' target='0' unit='0'/> - </source> - <address type='drive' controller='0' bus='0' target='0' unit='0'/> - </hostdev> + <hostdev mode='subsystem' type='scsi' managed='no' sgio='filtered' rawio='no'> + <source> + <adapter name='scsi_host2'/> + <address bus='0' target='0' unit='0'/> + </source> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </hostdev> Results in Apparmor denials like this during the VM startup: apparmor="DENIED" operation="open" profile="libvirt-65e0d1b9-f6b1-4926-8648-dc685778555a" name="/dev/sg2" pid=7904 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=111 ouid=111 apparmor="DENIED" operation="open" profile="libvirt-65e0d1b9-f6b1-4926-8648-dc685778555a" name="/dev/sg2" pid=7904 comm="qemu-system-x86" requested_mask="wr" denied_mask="wr" fsuid=111 ouid=111 + Workaround: - Workaround: add "owner /dev/sg2 rw," to /etc/apparmor.d/abstractions/libvirt-qemu + Add "owner /dev/sg2 rw," to /etc/apparmor.d/libvirt/libvirt-$UUID and + restart libvirt-bin. Additional information: # lsb_release -rd Description: Ubuntu 16.04 LTS Release: 16.04 # apt-cache policy libvirt-bin apparmor libvirt-bin: - Installed: 1.3.1-1ubuntu10 - Candidate: 1.3.1-1ubuntu10 - Version table: - *** 1.3.1-1ubuntu10 500 - 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages - 100 /var/lib/dpkg/status + Installed: 1.3.1-1ubuntu10 + Candidate: 1.3.1-1ubuntu10 + Version table: + *** 1.3.1-1ubuntu10 500 + 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages + 100 /var/lib/dpkg/status apparmor: - Installed: 2.10.95-0ubuntu2 - Candidate: 2.10.95-0ubuntu2 - Version table: - *** 2.10.95-0ubuntu2 500 - 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages - 100 /var/lib/dpkg/status + Installed: 2.10.95-0ubuntu2 + Candidate: 2.10.95-0ubuntu2 + Version table: + *** 2.10.95-0ubuntu2 500 + 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages + 100 /var/lib/dpkg/status ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: libvirt-bin 1.3.1-1ubuntu10 ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6 Uname: Linux 4.4.0-21-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl ApportVersion: 2.20.1-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Thu Apr 21 14:34:10 2016 KernLog: - + SourcePackage: libvirt UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf'] modified.conffile..etc.libvirt.qemu.networks.default.xml: [deleted]
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1573192 Title: apparmor prevents using SCSI hostdevs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1573192/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
