[apparmor] Bug#847370: Recent apparmor broke "virsh lxc-enter"

intrigeri intrigeri at debian.org
Mon Dec 19 11:17:55 UTC 2016

Guido Günther:
>> Well, info="Failed name lookup - disconnected path" does ring a bell.
>> It might be that the libvirtd profile needs the attach_disconnected
>> flag (there are plenty of examples that do in my /etc/apparmor.d).
>> Can you please try and report back?

> That worked, reassigning to libvirt. Thanks a lot!


> That said this is a behaviour change in apparmor / kernel that breaks
> existing profiles. Do we have any means to deal with such things?

Not sure what we can do about it. I'm personally not closely tracking
the kernel side of things. Ideally the upstream AppArmor mailing list
would be notified when such changes are merged in Linux mainline.
Cc'ing the upstream mailing list: what do you think?

[Please drop the bug report, but keep Guido, in the list of
recipients when replying.]


More information about the AppArmor mailing list