"Failed to create chardev" due to apparmor DENIED execute of "/usr/lib/pt_chown"
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libvirt (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
=======
1. Impact: cannot create pts-backed serial console
2. Fix: grant qemu the needed permissions
3. Test case: Create a vm definition with the xml in #7.
4. Regression potential: there should be no regressions, however we are
allowing vms to read the list of all fds for all processes (though not
the fds themselves), and also allowing the use of pt_chown.
=======
On 14.04 x86_64 a default QEMU VM fails to start (even before the install from ISO image stage) with:
2014-07-15 12:02:56.278+0000: starting up
LC_ALL=C PATH=/usr/
qemu-system-x86_64: -chardev pty,id=charserial0: Failed to create chardev
2014-07-15 12:02:56.494+0000: shutting down
With the kernel log showing:
Jul 15 13:02:56 hephaestion kernel: [48357.666272] audit: type=1400 audit(140542577
Jul 15 13:02:56 hephaestion kernel: [48357.744454] device vnet0 entered promiscuous mode
Jul 15 13:02:56 hephaestion kernel: [48357.752492] virbr0: port 1(vnet0) entered listening state
Jul 15 13:02:56 hephaestion kernel: [48357.752517] virbr0: port 1(vnet0) entered listening state
Jul 15 13:02:56 hephaestion kernel: [48357.811719] audit: type=1400 audit(140542577
Jul 15 13:02:56 hephaestion kernel: [48357.811758] audit: type=1400 audit(140542577
Jul 15 13:02:56 hephaestion kernel: [48357.815363] virbr0: port 1(vnet0) entered disabled state
Jul 15 13:02:56 hephaestion kernel: [48357.816733] device vnet0 left promiscuous mode
Jul 15 13:02:56 hephaestion kernel: [48357.816754] virbr0: port 1(vnet0) entered disabled state
Jul 15 13:02:56 hephaestion kernel: [48358.195004] audit: type=1400 audit(140542577
Changed in libvirt (Ubuntu): | |
status: | Expired → Confirmed |
Changed in libvirt (Ubuntu): | |
status: | Confirmed → Incomplete |
Changed in libvirt (Ubuntu): | |
status: | Incomplete → Triaged |
description: | updated |
Changed in libvirt (Ubuntu Trusty): | |
status: | Fix Committed → Fix Released |
Thank you for taking the time to report this bug and helping to make Ubuntu better. Please execute the following command, as it will automatically gather debugging information, in a terminal: /wiki.ubuntu. com/ReportingBu gs.
apport-collect BUGNUMBER
When reporting bugs in the future please use apport by using 'ubuntu-bug' and the name of the package affected. You can learn more about this functionality at https:/