[Bug 1552241] Re: libvirt-bin apparmor settings for usb host device

wiredfool Tue, 25 Apr 2017 09:12:23 -0700

Affected by this as well. I have libvirt vms on a system that was
upgraded from 14.04 that fail on 16.04 due to updated apparmor settings.


I'm trying to pass a USB dongle through to a windows instance:

    <hostdev mode='subsystem' type='usb' managed='yes'>
      <source>
        <vendor id='0x04b9'/>
        <product id='0x0300'/>
      </source>
    </hostdev>

This was added years ago, probably through the libvirt gui.


Relevant Logs:
Apr 24 04:24:46 phantom-ssd kernel: [682883.819567] audit: type=1400 
audit(1493033086.602:277): apparmor="DENIED" operation="open" 
profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" 
name="/run/udev/data/c189:1" pid=27849 comm="qemu-system-x86" 
requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Apr 24 04:24:46 phantom-ssd kernel: [682883.819697] audit: type=1400 
audit(1493033086.602:278): apparmor="DENIED" operation="open" 
profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" 
name="/run/udev/data/c189:129" pid=27849 comm="qemu-system-x86" 
requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Apr 24 04:24:46 phantom-ssd kernel: [682883.819815] audit: type=1400 
audit(1493033086.602:279): apparmor="DENIED" operation="open" 
profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" 
name="/run/udev/data/c189:0" pid=27849 comm="qemu-system-x86" 
requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Apr 24 04:24:46 phantom-ssd kernel: [682883.819934] audit: type=1400 
audit(1493033086.602:280): apparmor="DENIED" operation="open" 
profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" 
name="/run/udev/data/c189:128" pid=27849 comm="qemu-system-x86" 
requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Apr 24 04:24:46 phantom-ssd kernel: [682883.820120] audit: type=1400 
audit(1493033086.602:281): apparmor="DENIED" operation="open" 
profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" 
name="/run/udev/data/c189:256" pid=27849 comm="qemu-system-x86" 
requested_mask="r" denied_mask="r" fsuid=119 ouid=0


I've tried being selective about what's allowed, e.g. /run/udev/data/c189*, but 
then windows fails when it tries to enumerate the USB entries, 
/run/udev/data/+usb*


** Attachment added: "libvirt xml settings"
   
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1552241/+attachment/4867747/+files/vm.xml

** Changed in: libvirt (Ubuntu)
       Status: Expired => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1552241

Title:
  libvirt-bin apparmor settings for usb host device

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1552241/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1552241] Re: libvirt-bin apparmor settings for usb host device

Reply via email to