This patch-series aims to address the bug reported in [1] and [2]. Bug description : Some times libvirt fails to start a vm with the following error : libvirt: error : unable to set AppArmor profile 'libvirt-b05b297f-952f-42d6-b04e-f9a13767db54' for '/usr/bin/kvm-spice': No such file or directory This happens because file /etc/apparmor.d/libvirt/libvirt-<vm-uuid> has 0 size. During the vm start-up virt-aa-helper tries to load the profile and because it is 0 it fails. When file /etc/apparmor.d/libvirt/libvirt-<vm-uuid> is removed the vm can start without problems. To address this issue this patch-series suggests the following. On the vm start-up check if the profile has 0 size and if this is the case remove it and create it again. To do so a new option (-P) is introduced and also create and remove profile fuctionalities are placed into separate functions. The first commit moves create and remove functionlites into functinos for later reuse from different places. The second commit adds a new option (-P) to remove the profile file. The thid commit implements the actual fix (check if the profile has 0 size and if so remove it and create it again). The fourth patch adds a test for the above fix. [1] https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1927519 [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890084 Ioanna Alifieraki (4): virt-aa-helper: Move create and remove profile into separate functions virt-aa-helper: Add new purge (-P) option virt-aa-helper: Purge profile if corrupted virt-aa-helper: test: add test for new option -P src/security/virt-aa-helper.c | 87 ++++++++++++++++++++++++++--------- tests/meson.build | 1 + tests/virt-aa-helper-test | 29 ++++++++++++ 3 files changed, 96 insertions(+), 21 deletions(-) -- 2.17.1
