24 Aug
2018
24 Aug
'18
9:27 a.m.
On Fri, Aug 24, 2018 at 08:12:11AM +0200, Christian Ehrhardt wrote:
Due to kernel upstream change 338d0be4 ("apparmor: fix ptrace read check") libvirt now hits apparmor denies like: apparmor="DENIED" operation="ptrace" profile="/usr/sbin/libvirtd" pid=4409 comm="libvirtd" requested_mask="read" denied_mask="read" peer="libvirt-14e92a75-7668-4b97-8f92-322fc1b9c78a"
Extend the ptrace rule to also allow 'ptrace (read)' for libvirtd to work with these newer kernels.
Fixes: https://bugs.launchpad.net/bugs/1788603
Reported-by: Thadeu Lima de Souza Cascardo <thadeu.cascardo@canonical.com> Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> --- Reviewed-by: Erik Skultety <eskultet@redhat.com>