[Bug 462000] Re: apparmor disallows qemu+tcp:// connections

[Jamie Strandboge]

This now works in 0.7.0-1ubuntu13.1.

** Description changed:

  TEST CASE;
  1. adjust /etc/libvirt/libvirtd.conf to have:
  listen_tls = 0
  listen_tcp = 1
  
  2. Restart libvirt in listen mode:
  $ sudo /etc/init.d/libvirt-bin stop
  $ sudo libvirtd -d --listen
  
  3. see if it worked:
- $ virsh qemu+tcp://<ip address of remote libvirtd>/system capabilities
+ $ virsh -c qemu+tcp://127.0.0.1/system capabilities
  Please enter your authentication name:
  
  If you are prompted for authentication in step #3, then everything is
  fine (can't authenticate because we haven't setup sasl).
  
  Currently get the following output from libvirtd in step #2:
  14:48:14.916: warning : qemudStartup:521 : Unable to create cgroup for driver: No such device or address
  14:48:15.005: warning : lxcStartup:1460 : Unable to create cgroup for driver: No such device or address
  14:48:15.017: error : remoteMakeSockets:584 : socket: Permission denied
  
  And in dmesg:
  Oct 27 14:48:15 sec-karmic-amd64 kernel: [60424.438021] type=1503 audit(1256654895.009:40): operation="socket_create" pid=15842 parent=11268 profile="/usr/sbin/libvirtd" family="inet6" sock_type="dgram" protocol=0
  Oct 27 14:48:15 sec-karmic-amd64 kernel: [60424.438093] type=1503 audit(1256654895.009:41): operation="socket_create" pid=15842 parent=11268 profile="/usr/sbin/libvirtd" family="inet6" sock_type="stream" protocol=6
  
  Need to add the following to the profile:
-   network inet6 stream,
-   network inet6 dgram,
+   network inet6 stream,
+   network inet6 dgram,

-- 
apparmor disallows qemu+tcp:// connections
https://bugs.launchpad.net/bugs/462000
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.