[Bug 1989100] Re: AppArmor DENIES swtpm pid file access
Marius Vollmer
1989100 at bugs.launchpad.net
Tue Oct 25 07:56:26 UTC 2022
Our test passes with the new version of swtmp from your PPA. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to swtpm in Ubuntu.
https://bugs.launchpad.net/bugs/1989100
Title:
AppArmor DENIES swtpm pid file access
Status in libvirt package in Ubuntu:
Confirmed
Status in swtpm package in Ubuntu:
In Progress
Bug description:
libvirt 8.6.0-0ubuntu1
apparmor 3.0.7-1ubuntu1
One of our CI tests runs virt-install in a specific way that
ultimately fails with this in the error message:
ERROR internal error: Could not get process id of swtpm
The journal has this message:
audit: type=1400 audit(1662628523.308:121): apparmor="DENIED"
operation="file_inherit" profile="swtpm"
name="/run/libvirt/qemu/swtpm/1-VmNotInstalled-swtpm.pid" pid=13944
comm="swtpm" requested_mask="w" denied_mask="w" fsuid=118 ouid=0
This is nested virtualization. If you need the exact invocation of
virt-install, I can dig that out.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1989100/+subscriptions
More information about the foundations-bugs
mailing list