Ubuntu
libvirt package

  1. Bug #453335
  2. Comment #19

Comment 19 for bug 453335

Revision history for this message
NightShade (tim-night-shade) wrote :

I think this is actually causing a moderately serious regression with snapshots.

If you look at the contents of an apparmor define for an example VM the deny that silences the error here also prevents snapshot commits from working and because the error is hidden makes this extra difficult to debug.

  "/var/log/libvirt/**/OpenWRT.log" w,
  "/var/lib/libvirt/**/OpenWRT.monitor" rw,
  "/var/run/libvirt/**/OpenWRT.pid" rwk,
  "/run/libvirt/**/OpenWRT.pid" rwk,
  "/var/run/libvirt/**/*.tunnelmigrate.dest.OpenWRT" rw,
  "/run/libvirt/**/*.tunnelmigrate.dest.OpenWRT" rw,
  "/var/lib/libvirt/images/openwrt-x86-kvm_guest-combined-ext4-zfs-1.qcow2" rw,
  "/var/lib/libvirt/images/openwrt-x86-kvm_guest-combined-ext4.img" r,
  # don't audit writes to readonly files
  deny "/var/lib/libvirt/images/openwrt-x86-kvm_guest-combined-ext4.img" w,
  /dev/vhost-net rw,
  "/var/lib/libvirt/images/openwrt-x86-kvm_guest-combined-ext4.img" rw,

The bug number for the snapshot bug is #453335