[Bug 588369] Re: can't disable AppArmor via qemu.conf

Jamie Strandboge jamie at ubuntu.com
Tue Jun 1 17:39:01 BST 2010


** Description changed:

  I should be able to adjust /etc/libvirt/qemu.conf to have:
  security_driver = "none"
  
  This no longer works as seen by:
  $ virsh capabilities
-   <host>
-     ...
-     <secmodel>
-       <model>apparmor</model>
-       <doi>0</doi>
-     </secmodel>
-   </host>
+   <host>
+     ...
+     <secmodel>
+       <model>apparmor</model>
+       <doi>0</doi>
+     </secmodel>
+   </host>
  
  And VMs start confined:
  $ sudo aa-status
  apparmor module is loaded.
  ...
  4 processes are in enforce mode :
-    ...
-    libvirt-7d781722-69b7-8801-fe96-caf37b7a8969 (1217)
+    ...
+    libvirt-7d781722-69b7-8801-fe96-caf37b7a8969 (1217)
+ 
+ WORKAROUND:
+ You can disable AppArmor for only libvirt with:
+ 
+ $ sudo touch /etc/apparmor.d/disable/usr.sbin.libvirtd
+ $ sudo reboot

** Changed in: libvirt (Ubuntu)
   Importance: Undecided => Low

-- 
can't disable AppArmor via qemu.conf
https://bugs.launchpad.net/bugs/588369
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.



More information about the Ubuntu-server-bugs mailing list