Extending your already good testcase description:
# create a simple guest
$ sudo apt-get install uvtool-libvirt zfsutils-linux
$ uvt-simplestreams-libvirt --verbose sync --source
http://cloud-images.ubuntu.com/daily arch=amd64 label=daily release=xenial
$ ssh-keygen
$ uvt-kvm create --password=ubuntu testguest release=xenial arch=amd64
label=daily
# create a zpool to use
$ for i in $(seq 1 3); do dd if=/dev/zero of=/tmp/fdisk${i} bs=1M count=1024;
done
$ sudo zpool create internal /tmp/fdisk*
# make pool in libvirt and guest disk foo
$ virsh pool-define-as internal zfs
$ virsh pool-start internal
$ virsh vol-create-as internal foo 2G
# link up zpool, by adding this to the guest
<disk type='volume' device='disk'>
<driver name='qemu' type='raw' cache='none'/>
<source pool='internal' volume='foo'/>
<target dev='vdc' bus='virtio'/>
</disk>
# start the guest
$ virsh start testguest
All run into:
Could not open '/dev/zvol/internal/foo': Permission denied
And I can see the reported Deny:
apparmor="DENIED" operation="open" [...] name="/dev/zd0" [...]
That said setting to confirmed for now.
Also I checked this applies to all of releases X-Z.
Need to dive into aa-helper how close or far that is as of today to get
this done.
** Changed in: libvirt (Ubuntu)
Status: New => Confirmed
** Also affects: libvirt (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: libvirt (Ubuntu Zesty)
Importance: Undecided
Status: Confirmed
** Also affects: libvirt (Ubuntu Yakkety)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1677398
Title:
Apparmor prevents using ZFS storage pools
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1677398/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
