1:21 a.m.
to cure
+ virsh lxc-enter-namespace --noseclabel <container> <cmd>
libvirt: error : Expected at least one file descriptor
error: internal error: Child process (2714) unexpected exit status 125
caused by
apparmor="DENIED" operation="open" info="Failed name lookup -
disconnected path" error=-13 profile="/usr/sbin/libvirtd" name=""
pid=1422 comm="libvirtd" requested_mask="r" denied_mask="r"
fsuid=0 ouid=0
---
Thanks to intrigeri for the suggestion!
examples/apparmor/usr.sbin.libvirtd | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/apparmor/usr.sbin.libvirtd b/examples/apparmor/usr.sbin.libvirtd
index 48651b28f..b7e47f5c3 100644
--- a/examples/apparmor/usr.sbin.libvirtd
+++ b/examples/apparmor/usr.sbin.libvirtd
@@ -2,7 +2,7 @@
#include <tunables/global>
@{LIBVIRT}="libvirt"
-/usr/sbin/libvirtd {
+/usr/sbin/libvirtd flags=(attach_disconnected) {
#include <abstractions/base>
#include <abstractions/dbus>
--
2.11.0
7:35 a.m.
Hi,
Guido Günther:
to cure
+ virsh lxc-enter-namespace --noseclabel <container>
<cmd>
libvirt: error : Expected at least one file descriptor
error: internal error: Child process (2714) unexpected exit status 125
caused by
apparmor="DENIED" operation="open"
info="Failed name lookup - disconnected path" error=-13
profile="/usr/sbin/libvirtd" name="" pid=1422
comm="libvirtd" requested_mask="r" denied_mask="r" fsuid=0
ouid=0
---
Thanks to intrigeri for the suggestion!
Tested for my use cases, doesn't break anything, so FWIW:
Acked-by: intrigeri <intrigeri(a)debian.org>
7:38 a.m.
Ha intrigeri beat me by 3 minutes with feedback :-)
Tested it as well over lunch time, working for me too now:
That said:
Acked-by Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
On Mon, Dec 19, 2016 at 2:35 PM, intrigeri <intrigeri+libvirt(a)boum.org>
wrote:
Hi,
Guido Günther:
> to cure
> + virsh lxc-enter-namespace --noseclabel <container> <cmd>
> libvirt: error : Expected at least one file descriptor
> error: internal error: Child process (2714) unexpected exit status 125
> caused by
> apparmor="DENIED" operation="open" info="Failed name
lookup -
disconnected path" error=-13 profile="/usr/sbin/libvirtd"
name="" pid=1422
comm="libvirtd" requested_mask="r" denied_mask="r" fsuid=0
ouid=0
> ---
> Thanks to intrigeri for the suggestion!
Tested for my use cases, doesn't break anything, so FWIW:
Acked-by: intrigeri <intrigeri(a)debian.org>
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
11:27 p.m.
Hi intrigeri, Hi Christian,
thanks for testing!
On Mon, Dec 19, 2016 at 02:38:57PM +0100, Christian Ehrhardt wrote:
Ha intrigeri beat me by 3 minutes with feedback :-)
Tested it as well over lunch time, working for me too now:
That said:
Acked-by Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
Pushed now.
-- Guido
2872
days inactive
2874
days old
3 comments
3 participants
participants (3)
-
Christian Ehrhardt -
Guido Günther -
intrigeri