apparmor DENIED on domain shutdown
Francesc Guasch
frankie at telecos.upc.edu
Fri Dec 4 08:21:06 UTC 2020
On 03/12/2020 19:20, Jim Fehlig wrote:
> On 12/3/20 4:42 AM, Francesc Guasch wrote:
>> Hi. I upgraded one of my servers to Ubuntu 20.04. Since then domains
>> won't shutdown. They are in the "in shutdown" state.
>>
>> I see this message in the logs:
>>
>> kernel: [740222.848210] audit: type=1400 audit(1606983397.013:338):
>> apparmor="DENIED" operation="signal"
>> profile="libvirt-a2c1456f-3371-49eb-9fa4-f8576ca4e878" pid=2375
>> comm="libvirtd" requested_mask="receive" denied_mask="receive"
>> signal=term peer="libvirtd"
>
> Are you using lxc? I recently posted a patch allowing lxc domains to
> receive signals from libvirtd
>
> https://www.redhat.com/archives/libvir-list/2020-December/msg00187.html
>
Jim ! I am not using LXC, but KVM. That worked like a charm. For the
record that is exactly what I changed:
I added to the file :
/etc/apparmor.d/usr.sbin.libvirtd
below:
# For communication/control from libvirtd
signal (receive) peer=libvirtd,
signal (receive) peer=/usr/sbin/libvirtd
Thank you very much.
More information about the libvirt-users
mailing list