Ubuntu
libvirt package

apparmor profile denies sys_ptrace when using sdl

Bug #570488 reported by Marc Deslauriers on 2010-04-27

10

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	libvirt (Ubuntu)	Won't Fix	Low	Unassigned

Bug Description

When starting a VM with virt-manager and using SDL graphics, I get an apparmor deny message for sys_ptrace.

/usr/bin/apparmor_notify
Profile: libvirt-0ae9a4cf-2e46-3df2-7559-c53176c0682e
Operation: capable
Name: sys_ptrace
Logfile: /var/log/kern.log

AppArmor denial: 1 (since Sun Apr 25 20:29:25 2010)
For more information, please see: https://wiki.ubuntu.com/DebuggingApparmor

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: libvirt-bin 0.7.5-5ubuntu27
ProcVersionSignature: Ubuntu 2.6.32-21.32-generic 2.6.32.11+drm33.2
Uname: Linux 2.6.32-21-generic x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
Date: Mon Apr 26 20:36:59 2010
EcryptfsInUse: Yes
ProcEnviron:
PATH=(custom, user)
LANG=en_CA.utf8
SHELL=/bin/bash
SourcePackage: libvirt

Tags:

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2010-04-27:

#1

VM xml file Edit (1.0 KiB, text/xml)
Dependencies.txt Edit (2.6 KiB, text/plain; charset="utf-8")

tags:	added: apparmor
Changed in libvirt (Ubuntu):
assignee:	nobody → Jamie Strandboge (jdstrand)

Revision history for this message

Thierry Carrez (ttx) wrote on 2010-04-28:

#2

Does it prevent your VM from starting ? (you can set importance to High if it does, set to Low if it doesn't)

Changed in libvirt (Ubuntu):
status:	New → Incomplete

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2010-04-28:

#3

Thierry, Marc and I discussed this and the machine otherwise operates fine. Why ptrace is used with sdl needs to be investigated.

Changed in libvirt (Ubuntu):
importance:	Undecided → Low
status:	Incomplete → Confirmed

Revision history for this message

Serge Hallyn (serge-hallyn) wrote on 2011-12-02:

#4

@Jamie,

did you ever look into this? Should we mark this invalid for libvirt?

Changed in libvirt (Ubuntu):
status:	Confirmed → Incomplete

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2011-12-02:

#5

I'm going to mark this as "Won't Fix". We did not investigate, but since the machine otherwise operates fine, the denial isn't a problem. I'd rather not spend a lot of time looking into it until it is a real problem. Marc, please feel free to reopen if this is causing you any trouble.

Changed in libvirt (Ubuntu):
assignee:	Jamie Strandboge (jdstrand) → nobody
status:	Incomplete → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.