Ubuntu
libvirt package

  1. Bug #1552241
  2. Comment #3

Comment 3 for bug 1552241

Revision history for this message
wiredfool (eric-launchpad-soroos) wrote :

Affected by this as well. I have libvirt vms on a system that was upgraded from 14.04 that fail on 16.04 due to updated apparmor settings.

I'm trying to pass a USB dongle through to a windows instance:

    <hostdev mode='subsystem' type='usb' managed='yes'>
      <source>
        <vendor id='0x04b9'/>
        <product id='0x0300'/>
      </source>
    </hostdev>

This was added years ago, probably through the libvirt gui.

Relevant Logs:
Apr 24 04:24:46 phantom-ssd kernel: [682883.819567] audit: type=1400 audit(1493033086.602:277): apparmor="DENIED" operation="open" profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" name="/run/udev/data/c189:1" pid=27849 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Apr 24 04:24:46 phantom-ssd kernel: [682883.819697] audit: type=1400 audit(1493033086.602:278): apparmor="DENIED" operation="open" profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" name="/run/udev/data/c189:129" pid=27849 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Apr 24 04:24:46 phantom-ssd kernel: [682883.819815] audit: type=1400 audit(1493033086.602:279): apparmor="DENIED" operation="open" profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" name="/run/udev/data/c189:0" pid=27849 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Apr 24 04:24:46 phantom-ssd kernel: [682883.819934] audit: type=1400 audit(1493033086.602:280): apparmor="DENIED" operation="open" profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" name="/run/udev/data/c189:128" pid=27849 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=119 ouid=0
Apr 24 04:24:46 phantom-ssd kernel: [682883.820120] audit: type=1400 audit(1493033086.602:281): apparmor="DENIED" operation="open" profile="libvirt-b702ed58-3a9c-77bc-7e52-bcc8053192a4" name="/run/udev/data/c189:256" pid=27849 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=119 ouid=0

I've tried being selective about what's allowed, e.g. /run/udev/data/c189*, but then windows fails when it tries to enumerate the USB entries, /run/udev/data/+usb*