Apparmor can't by design follow symlinks (https://bugs.launchpad.net/apparmor/+bug/1485055). So test-inserting into /etc/apparmor.d/abstractions/libvirt-qemu: - /dev/zvol/internal/foo rw, => still fails - /dev/zd0 rw, => works (guest sees disk as expected) So does any generic rule.
So the following might serve as a temporary workaround adding "/dev/zd[0-9]* rw" to /etc/apparmor.d/abstractions/libvirt-qemu. Simon I'm sure you had that already, but this is for whoever else comes by. I see that this needs dev-activity -> upstream-libvirt -> merge new libvirt -> SRUs so I wanted to provide some sort of workaround. TODO: - get aa-helper to consider pool zvols - resolve symlink as we need the target in the rule -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1677398 Title: Apparmor prevents using ZFS storage pools To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1677398/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
