[Bug 1560149] [NEW] missing seccomp whitelist for qemu-kvm

Simon Déziel 1560149 at bugs.launchpad.net
Mon Mar 21 17:53:52 UTC 2016


Public bug reported:

Steps to reproduce:

1) set "seccomp_sandbox = 1" in /etc/libvirt/qemu.conf
2) restart libvirt-bin
3) create a guest using the attached .xml file
4) start the guest

Current behavior: the guest will remain in the "paused" state and fail
to start because of this:

audit: type=1326 audit(1458582324.294:87): auid=4294967295 uid=114
gid=123 ses=4294967295 pid=17695 comm="qemu-system-x86" exe="/usr/bin
/qemu-system-x86_64" sig=31 arch=c000003e syscall=99 compat=0
ip=0x7fc47c3557d7 code=0x0

Expected behavior: the guest would start normally

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: libvirt-bin 1.3.1-1ubuntu6
ProcVersionSignature: Ubuntu 4.4.0-15.31-generic 4.4.6
Uname: Linux 4.4.0-15-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20-0ubuntu3
Architecture: amd64
CurrentDesktop: Unity
Date: Mon Mar 21 13:40:41 2016
KernLog:

SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']
modified.conffile..etc.libvirt.qemu.networks.default.xml: [deleted]

** Affects: libvirt (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug xenial

** Attachment added: "guest definition"
   https://bugs.launchpad.net/bugs/1560149/+attachment/4606623/+files/ubuntu16.04.xml

** Description changed:

  Steps to reproduce:
  
  1) set "seccomp_sandbox = 1" in /etc/libvirt/qemu.conf
  2) restart libvirt-bin
- 3) create a guest using the spice display type
+ 3) create a guest using the attached .xml file
+ 4) start the guest
  
  Current behavior: the guest will remain in the "paused" state and fail
  to start because of this:
  
  audit: type=1326 audit(1458582324.294:87): auid=4294967295 uid=114
  gid=123 ses=4294967295 pid=17695 comm="qemu-system-x86" exe="/usr/bin
  /qemu-system-x86_64" sig=31 arch=c000003e syscall=99 compat=0
  ip=0x7fc47c3557d7 code=0x0
  
  Expected behavior: the guest would start normally
  
  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: libvirt-bin 1.3.1-1ubuntu6
  ProcVersionSignature: Ubuntu 4.4.0-15.31-generic 4.4.6
  Uname: Linux 4.4.0-15-generic x86_64
  NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
  ApportVersion: 2.20-0ubuntu3
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Mon Mar 21 13:40:41 2016
  KernLog:
-  
+ 
  SourcePackage: libvirt
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']
  modified.conffile..etc.libvirt.qemu.networks.default.xml: [deleted]

** Attachment removed: "guest definition"
   https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1560149/+attachment/4606623/+files/ubuntu16.04.xml

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in Ubuntu.
https://bugs.launchpad.net/bugs/1560149

Title:
  missing seccomp whitelist for qemu-kvm

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1560149/+subscriptions



More information about the Ubuntu-server-bugs mailing list