I encountered an AppArmor denial in Ubuntu 14.04. I had filed a bug here https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1324251
I just wanted to see this applied upstream from Ubuntu. This update to the profile is necessary to write to 9pfs mounts. Let me know what you think about the following patch:
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu
index 83814ec..c80294c 100644
--- a/examples/apparmor/libvirt-qemu
+++ b/examples/apparmor/libvirt-qemu
@@ -9,6 +9,10 @@
capability dac_read_search,
capability chown,
+ # to create and modify with 9p shares
+ capability fowner,
+ capability fsetid,
+
# needed to drop privileges
capability setgid,
capability setuid,
I’m running on libvirt: 1.2.2
My host machine is: x86_64
The hypervisor is: KVM
--
Steven
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list