[Bug 588369] Re: can't disable AppArmor via qemu.conf
Jamie Strandboge
jamie at ubuntu.com
Tue Jun 1 17:39:01 BST 2010
** Description changed:
I should be able to adjust /etc/libvirt/qemu.conf to have:
security_driver = "none"
This no longer works as seen by:
$ virsh capabilities
- <host>
- ...
- <secmodel>
- <model>apparmor</model>
- <doi>0</doi>
- </secmodel>
- </host>
+ <host>
+ ...
+ <secmodel>
+ <model>apparmor</model>
+ <doi>0</doi>
+ </secmodel>
+ </host>
And VMs start confined:
$ sudo aa-status
apparmor module is loaded.
...
4 processes are in enforce mode :
- ...
- libvirt-7d781722-69b7-8801-fe96-caf37b7a8969 (1217)
+ ...
+ libvirt-7d781722-69b7-8801-fe96-caf37b7a8969 (1217)
+
+ WORKAROUND:
+ You can disable AppArmor for only libvirt with:
+
+ $ sudo touch /etc/apparmor.d/disable/usr.sbin.libvirtd
+ $ sudo reboot
** Changed in: libvirt (Ubuntu)
Importance: Undecided => Low
--
can't disable AppArmor via qemu.conf
https://bugs.launchpad.net/bugs/588369
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
More information about the Ubuntu-server-bugs
mailing list