[Bug 1989100] Re: AppArmor DENIES swtpm pid file access
Kristoffer Rath Hansen
1989100 at bugs.launchpad.net
Mon Oct 24 23:03:08 UTC 2022
Thanks Lena! I added your repo, and upgraded, and it fixed it. Awesome
that the community fixes things - like 4 hours before I look for it!
Thank you for your work!
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to swtpm in Ubuntu.
https://bugs.launchpad.net/bugs/1989100
Title:
AppArmor DENIES swtpm pid file access
Status in libvirt package in Ubuntu:
Confirmed
Status in swtpm package in Ubuntu:
In Progress
Bug description:
libvirt 8.6.0-0ubuntu1
apparmor 3.0.7-1ubuntu1
One of our CI tests runs virt-install in a specific way that
ultimately fails with this in the error message:
ERROR internal error: Could not get process id of swtpm
The journal has this message:
audit: type=1400 audit(1662628523.308:121): apparmor="DENIED"
operation="file_inherit" profile="swtpm"
name="/run/libvirt/qemu/swtpm/1-VmNotInstalled-swtpm.pid" pid=13944
comm="swtpm" requested_mask="w" denied_mask="w" fsuid=118 ouid=0
This is nested virtualization. If you need the exact invocation of
virt-install, I can dig that out.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1989100/+subscriptions
More information about the foundations-bugs
mailing list