Comment 4 for bug 431090

Jamie, thank you for taking a look here. First, after your response, I've been able to modify /etc/apparmor.d/abstractions/libvirt-qemu with the following:

  /var/lib/eucalyptus/instances/**/console.log w,
  /var/lib/eucalyptus/instances/**/kernel r,
  /var/lib/eucalyptus/instances/**/ramdisk r,

in order to allow the NC to start a VM. I believe that kernel can always be 'r' only, but I'm not 100% sure about the initrc (ramdisk). It may be the case that some VMs could potentially modify the initrd on boot.

Regarding pidfile, monitor, log file:

from the commandline -

/usr/bin/kvm -S -M pc-0.11 -m 128 -smp 1 -name i-4CFC08E8 -uuid 9f141023-980c-0577-d143-72fcd2d8b7f1 -nographic -monitor unix:/var/run/libvirt/qemu/i-4CFC08E8.monitor,server,nowait -boot c -kernel /var/lib/eucalyptus/instances/admin/i-4CFC08E8/kernel -initrd /var/lib/eucalyptus/instances/admin/i-4CFC08E8/ramdisk -append root=/dev/sda1 console=ttyS0 -drive file=/var/lib/eucalyptus/instances/admin/i-4CFC08E8/disk,if=scsi,index=0,boot=on -net nic,macaddr=d0:0d:4c:fc:08:e8,vlan=0,model=e1000,name=e1000.0 -net tap,fd=17,vlan=0,name=tap.0 -serial file:/var/lib/eucalyptus/instances/admin/i-4CFC08E8/console.log -parallel none -usb

I at least see the monitor file path (/var/run/libvirt/qemu/i-4CFC08E8.monitor), libvirt doesn't appear to be specifying a pid or logfile path, and so i believe they are going to their default location(s). I can at least confirm that the logfile is being dropped in /var/log/libvirt/qemi//i-4CFC08E8.log (cannot confirm pidfile because the process is dying right away).

example libvirt dumpxml:

Connecting to uri: qemu:///system
<domain type='kvm' id='7'>
  <name>i-516E092C</name>
  <uuid>443555e4-42a5-d231-8bf6-4f862cf33bf9</uuid>
  <memory>131072</memory>
  <currentMemory>131072</currentMemory>
  <vcpu>1</vcpu>
  <os>
    <type arch='x86_64' machine='pc-0.11'>hvm</type>
    <kernel>/var/lib/eucalyptus/instances/admin/i-516E092C/kernel</kernel>
    <initrd>/var/lib/eucalyptus/instances/admin/i-516E092C/ramdisk</initrd>
    <cmdline>root=/dev/sda1 console=ttyS0</cmdline>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
  </features>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>destroy</on_crash>
  <devices>
    <emulator>/usr/bin/kvm</emulator>
    <disk type='file' device='disk'>
      <source file='/var/lib/eucalyptus/instances/admin/i-516E092C/disk'/>
      <target dev='sda' bus='scsi'/>
    </disk>
    <interface type='bridge'>
      <mac address='d0:0d:51:6e:09:2c'/>
      <source bridge='br0'/>
      <target dev='vnet0'/>
      <model type='e1000'/>
    </interface>
    <serial type='file'>
      <source path='/var/lib/eucalyptus/instances/admin/i-516E092C/console.log'/>
      <target port='0'/>
    </serial>
    <console type='file'>
      <source path='/var/lib/eucalyptus/instances/admin/i-516E092C/console.log'/>
      <target port='0'/>
    </console>
  </devices>
</domain>

Regards