[Bug 462000] Re: apparmor disallows qemu+tcp:// connections

Jamie Strandboge jamie at ubuntu.com
Tue Oct 27 15:22:15 GMT 2009 

** Description changed:

  TEST CASE;
  1. adjust /etc/libvirt/libvirtd.conf to have:
  listen_tls = 0
  listen_tcp = 1
  
  2. Restart libvirt in listen mode:
  $ sudo /etc/init.d/libvirt-bin stop
  $ sudo libvirtd -d --listen
  
  3. see if it worked:
  $ virsh qemu+tcp://<ip address of remote libvirtd>/system capabilities
  Please enter your authentication name:
  
  If you are prompted for authentication in step #3, then everything is
  fine (can't authenticate because we haven't setup sasl).
  
  Currently get the following output from libvirtd in step #2:
  14:48:14.916: warning : qemudStartup:521 : Unable to create cgroup for driver: No such device or address
  14:48:15.005: warning : lxcStartup:1460 : Unable to create cgroup for driver: No such device or address
  14:48:15.017: error : remoteMakeSockets:584 : socket: Permission denied
  
  And in dmesg:
  Oct 27 14:48:15 sec-karmic-amd64 kernel: [60424.438021] type=1503 audit(1256654895.009:40): operation="socket_create" pid=15842 parent=11268 profile="/usr/sbin/libvirtd" family="inet6" sock_type="dgram" protocol=0
  Oct 27 14:48:15 sec-karmic-amd64 kernel: [60424.438093] type=1503 audit(1256654895.009:41): operation="socket_create" pid=15842 parent=11268 profile="/usr/sbin/libvirtd" family="inet6" sock_type="stream" protocol=6
  
  Need to add the following to the profile:
+   network inet6 stream,
+   network inet6 dgram,

** Tags added: apparmor

** Also affects: libvirt (Ubuntu Karmic)
   Importance: Undecided
       Status: New

** Changed in: libvirt (Ubuntu Karmic)
   Importance: Undecided => Low

** Changed in: libvirt (Ubuntu Karmic)
       Status: New => In Progress

** Changed in: libvirt (Ubuntu Karmic)
    Milestone: None => karmic-updates

** Changed in: libvirt (Ubuntu Karmic)
     Assignee: (unassigned) => Jamie Strandboge (jdstrand)

-- 
apparmor disallows qemu+tcp:// connections
https://bugs.launchpad.net/bugs/462000
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.

More information about the Ubuntu-server-bugs mailing list