Public bug reported:

jammy minimal install using desktop iso, at installer choose root on zfs

once installed, at gui disable the buggy wayland since teamviewer
doesn't work well with it

then install virt-manager & friends

in virt-manager start the wizard for new machine, select windows 10,
create zfs volume for it

virsh edit the vm to add SLIC & friends from /sys/firmware/acpi/tables
and <sysinfo> stuff from dmidecode to virtualize the previously backed
up oem bare metal install that came with the machine

power on the vm

result:

apr 29 16:01:31 cglinux audit[543570]: AVC apparmor="STATUS" 
operation="profile_replace" profile="unconfined" 
name="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" pid=543570 
comm="apparmor_parser"
apr 29 16:01:31 cglinux kernel: audit: type=1400 audit(1651237291.689:137): 
apparmor="STATUS" operation="profile_replace" profile="unconfined" 
name="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" pid=543570 
comm="apparmor_parser"
apr 29 16:01:31 cglinux systemd-machined[1678]: New machine 
qemu-9-win11oem-uefi1.
apr 29 16:01:31 cglinux systemd[1]: Started Virtual Machine 
qemu-9-win11oem-uefi1.
apr 29 16:01:31 cglinux audit[543597]: AVC apparmor="DENIED" operation="open" 
profile="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" 
name="/var/lib/libvirt/images/SLIC" pid=543597 comm="qemu-system-x86" 
requested_mask="r" denied_mask="r" fsuid=64055 ouid=64055
apr 29 16:01:31 cglinux kernel: audit: type=1400 audit(1651237291.781:138): 
apparmor="DENIED" operation="open" 
profile="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" 
name="/var/lib/libvirt/images/SLIC" pid=543597 comm="qemu-system-x86" 
requested_mask="r" denied_mask="r" fsuid=64055 ouid=64055
apr 29 16:01:31 cglinux kernel: virbr0: port 1(vnet7) entered disabled state
apr 29 16:01:31 cglinux kernel: device vnet7 left promiscuous mode
apr 29 16:01:31 cglinux kernel: virbr0: port 1(vnet7) entered disabled state
apr 29 16:01:31 cglinux NetworkManager[1646]: <info>  [1651237291.8225] device 
(vnet7): state change: activated -> unmanaged (reason 'unmanaged', 
sys-iface-state: 'removed')
apr 29 16:01:31 cglinux NetworkManager[1646]: <info>  [1651237291.8226] device 
(vnet7): released from master device virbr0
apr 29 16:01:31 cglinux gnome-shell[3733]: Removing a network device that was 
not added
apr 29 16:01:31 cglinux gnome-shell[3733]: JS ERROR: TypeError: 
this._devices[section] is undefined
                                           
_connectionRemoved@resource:///org/gnome/shell/ui/status/network.js:1996:27
apr 29 16:01:31 cglinux libvirtd[1932]: Unable to read from monitor: Connection 
reset by peer
apr 29 16:01:31 cglinux systemd[1]: 
machine-qemu\x2d9\x2dwin11oem\x2duefi1.scope: Deactivated successfully.
apr 29 16:01:31 cglinux libvirtd[1932]: internal error: qemu unexpectedly 
closed the monitor: qemu-system-x86_64: -acpitable 
file=/var/lib/libvirt/images/SLIC: can't open file 
/var/lib/libvirt/images/SLIC: Permission denied
apr 29 16:01:31 cglinux libvirtd[1932]: internal error: process exited while 
connecting to monitor: qemu-system-x86_64: -acpitable 
file=/var/lib/libvirt/images/SLIC: can't open file 
/var/lib/libvirt/images/SLIC: Permission denied
apr 29 16:01:31 cglinux systemd-machined[1678]: Machine qemu-9-win11oem-uefi1 
terminated.
apr 29 16:01:31 cglinux audit[543615]: AVC apparmor="STATUS" 
operation="profile_remove" profile="unconfined" 
name="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" pid=543615 
comm="apparmor_parser"
apr 29 16:01:31 cglinux kernel: audit: type=1400 audit(1651237291.977:139): 
apparmor="STATUS" operation="profile_remove" profile="unconfined" 
name="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" pid=543615 
comm="apparmor_parser"

tried various chown of files copied in var lib libvirt images from root
to my username to libvirt-qemu, no success, until I realized from logs
that it's apparmor's fault, not file owner.

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: qemu-system-x86 1:6.2+dfsg-2ubuntu6
ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
Uname: Linux 5.15.0-27-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.11-0ubuntu82
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Fri Apr 29 16:10:20 2022
InstallationDate: Installed on 2022-04-28 (1 days ago)
InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 (20220419)
KvmCmdLine: COMMAND         STAT  EUID  RUID     PID    PPID %CPU COMMAND
Lsusb:
 Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
 Bus 001 Device 003: ID 413c:2113 Dell Computer Corp. KB216 Wired Keyboard
 Bus 001 Device 002: ID 413c:301a Dell Computer Corp. Dell MS116 Optical Mouse
 Bus 001 Device 004: ID 0b05:17d1 ASUSTek Computer, Inc. AC51 802.11a/b/g/n/ac 
Wireless Adapter [Mediatek MT7610U]
 Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
MachineType: Dell Inc. OptiPlex 3070
ProcKernelCmdLine: BOOT_IMAGE=/BOOT/ubuntu_706ywm@/vmlinuz-5.15.0-27-generic 
root=ZFS=rpool/ROOT/ubuntu_706ywm ro quiet splash vt.handoff=1
SourcePackage: qemu
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 09/27/2021
dmi.bios.release: 1.10
dmi.bios.vendor: Dell Inc.
dmi.bios.version: 1.10.0
dmi.board.name: 07WP95
dmi.board.vendor: Dell Inc.
dmi.board.version: A02
dmi.chassis.type: 3
dmi.chassis.vendor: Dell Inc.
dmi.modalias: 
dmi:bvnDellInc.:bvr1.10.0:bd09/27/2021:br1.10:svnDellInc.:pnOptiPlex3070:pvr:rvnDellInc.:rn07WP95:rvrA02:cvnDellInc.:ct3:cvr:sku0930:
dmi.product.family: OptiPlex
dmi.product.name: OptiPlex 3070
dmi.product.sku: 0930
dmi.sys.vendor: Dell Inc.

** Affects: qemu (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug jammy

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970940

Title:
  apparmor is preventing access to user copied files in
  /var/lib/libvirt/images/ thus resulting in failure to start vm

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1970940/+subscriptions


-- 
ubuntu-bugs mailing list
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
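
Added example, not part of the original report: a small triage script that pulls the AppArmor denials out of a journal excerpt like the one above and shows why the chown attempts could not help. The function names are hypothetical, and the sample is constructed from the report's own records with the mail-wrapped lines rejoined. It relies on `fsuid` being the uid of the denied process and `ouid` the owner of the file in AppArmor audit records.

```python
import re

# Constructed sample: one STATUS and the two DENIED records from the report,
# with the mail-wrapped lines rejoined into single journal lines.
SAMPLE_LOG = """\
apr 29 16:01:31 cglinux audit[543570]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" pid=543570 comm="apparmor_parser"
apr 29 16:01:31 cglinux audit[543597]: AVC apparmor="DENIED" operation="open" profile="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" name="/var/lib/libvirt/images/SLIC" pid=543597 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=64055
apr 29 16:01:31 cglinux kernel: audit: type=1400 audit(1651237291.781:138): apparmor="DENIED" operation="open" profile="libvirt-4c4c4544-0050-5210-8044-b3c04f563533" name="/var/lib/libvirt/images/SLIC" pid=543597 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=64055
"""

# key="quoted value" or key=bare_value
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_fields(line):
    """Split one audit line into a dict of its key=value fields."""
    return {key: quoted or bare for key, quoted, bare in FIELD_RE.findall(line)}


def apparmor_denials(log_text):
    """Return the unique AppArmor DENIED events found in log_text.

    The log above records each event twice (audit[pid] and 'kernel: audit:'),
    so events are de-duplicated on their identifying fields.
    """
    seen, denials = set(), []
    for line in log_text.splitlines():
        fields = parse_fields(line)
        if fields.get("apparmor") != "DENIED":
            continue  # STATUS records (profile load/unload) are not denials
        key = tuple(fields.get(k) for k in
                    ("profile", "operation", "name", "pid", "denied_mask"))
        if key in seen:
            continue
        seen.add(key)
        # fsuid == ouid: the process already owns the file, so the refusal
        # comes from the profile (MAC), not from file ownership (DAC).
        fields["owner_matches"] = ("fsuid" in fields
                                   and fields["fsuid"] == fields.get("ouid"))
        denials.append(fields)
    return denials


def candidate_rule(denial):
    """Format the profile rule that would cover this denial, for review."""
    return f'{denial["name"]} {denial["denied_mask"]},'


if __name__ == "__main__":
    for d in apparmor_denials(SAMPLE_LOG):
        print(d["profile"], d["comm"], candidate_rule(d),
              "owner matches" if d["owner_matches"] else "owner differs")
```
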