[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: apparmor DENIED on domain shutdown



On 03/12/2020 19:20, Jim Fehlig wrote:
On 12/3/20 4:42 AM, Francesc Guasch wrote:
Hi. I upgraded one of my servers to Ubuntu 20.04. Since then domains
won't shutdown. They are in the "in shutdown" state.

I see this message in the logs:

kernel: [740222.848210] audit: type=1400 audit(1606983397.013:338): apparmor="DENIED" operation="signal" profile="libvirt-a2c1456f-3371-49eb-9fa4-f8576ca4e878" pid=2375 comm="libvirtd" requested_mask="receive" denied_mask="receive" signal=term peer="libvirtd"

Are you using lxc? I recently posted a patch allowing lxc domains to receive signals from libvirtd

https://www.redhat.com/archives/libvir-list/2020-December/msg00187.html


Jim ! I am not using LXC, but KVM. That worked like a charm. For the
record that is exactly what I changed:

I added to the file :

    /etc/apparmor.d/usr.sbin.libvirtd

below:

    # For communication/control from libvirtd

    signal (receive) peer=libvirtd,
    signal (receive) peer=/usr/sbin/libvirtd

Thank you very much.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]