On Thu, Aug 10, 2017 at 11:19 AM, Christian Ehrhardt <christian.ehrhardt@canonical.com> wrote:

Testing qemu-2.10-rc2 shows issues like:
qemu-system-x86_64: -drive file=/var/lib/uvtool/libvirt/images/kvmguest- \
artful-normal.qcow,format=qcow2,if=none,id=drive-virtio-disk0:
Failed to lock byte 100

It seems the following qemu commit changed the needs for the backing
image rules:

(qemu) commit 244a5668106297378391b768e7288eb157616f64
Author: Fam Zheng <famz@redhat.com>
file-posix: Add image locking to perm operations

Additional Note (but not part of the patch description):

I thought at first I'd be on the "old kernel but new glibc" case of [1] in qemu.

But as explained in the patch it turned out that instead my kernel was new enough and instead I ran into apparmor denials.

Even if that change would be accepted in qemu we would still need the apparmor fix I proposed here, but it is valid context that people might be interested in.

[1]: https://lists.gnu.org/archive/html/qemu-block/2017-07/msg01294.html