[Bug 545795] Re: apparmor driver blocks access to hostdev and pcidev devices
Andreas Ntaflos
daff at dword.org
Tue May 4 16:07:24 BST 2010
Jamie, yes this fixes it. thank you!
I notice however some redundancies between abstractions/libvirt-qemu and
usr.lib.libvirt.virt-aa-helper? At least the line "/sys/bus/usb/devices/
r," appears in both, don't know if that matters any, though. So that's
good :)
But now I have discovered something else. When booting a VM that has a
USB device included in its XML definition (like here:
https://daff.pseudoterminal.org/files/vm-usb.txt) now thanks to this fix
works fine. *However* trying to attach a USB device while the VM is
running (using virt-manager in my case) results in these messages in
/var/log/libvirt/qemu/vm.log:
usb_create: no bus specified, using "usb.0" for "usb-host"
husb: open device 5.2
/dev/bus/usb/005/002: Permission denied
husb: open device 5.2
/dev/bus/usb/005/002: Permission denied
husb: open device 5.2
And in /var/log/kern.log:
May 4 17:01:19 TESTHOST kernel: [79029.932635] type=1503
audit(1272985279.341:1009): operation="open" pid=23782 parent=1 profile
="libvirt-959806d1-327a-cd14-6b3f-ddeee8a19d0e" requested_mask="rw::"
denied_mask="rw::" fsuid=0 ouid=0 name="/dev/bus/usb/005/002"
So it seems that access to "/dev/bus/usb/**" is needed as well?
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
More information about the Ubuntu-server-bugs
mailing list