[libvirt] [PATCH] apparmor: pass attach_disconnected
Guido Günther
agx at sigxcpu.org
Mon Dec 19 07:21:36 UTC 2016
to cure
+ virsh lxc-enter-namespace --noseclabel <container> <cmd>
libvirt: error : Expected at least one file descriptor
error: internal error: Child process (2714) unexpected exit status 125
caused by
apparmor="DENIED" operation="open" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/libvirtd" name="" pid=1422 comm="libvirtd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
---
Thanks to intrigeri for the suggestion!
examples/apparmor/usr.sbin.libvirtd | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/apparmor/usr.sbin.libvirtd b/examples/apparmor/usr.sbin.libvirtd
index 48651b28f..b7e47f5c3 100644
--- a/examples/apparmor/usr.sbin.libvirtd
+++ b/examples/apparmor/usr.sbin.libvirtd
@@ -2,7 +2,7 @@
#include <tunables/global>
@{LIBVIRT}="libvirt"
-/usr/sbin/libvirtd {
+/usr/sbin/libvirtd flags=(attach_disconnected) {
#include <abstractions/base>
#include <abstractions/dbus>
--
2.11.0
More information about the libvir-list
mailing list