Comment # 5 on bug 1125841 from 
(In reply to Martin Kalivoda from comment #2)
> (In reply to James Fehlig from comment #1)
> > Is apparmor running? E.g. what is the output of 'systemctl status
> > apparmor.service' and 'aa-status'?
> 
> ��� apparmor.service - Load AppArmor profiles
>    Loaded: loaded (/usr/lib/systemd/system/apparmor.service; enabled; vendor
> preset: enabled)
>    Active: active (exited) since Tue 2019-02-19 01:07:46 CET; 23h ago
>  Main PID: 696 (code=exited, status=0/SUCCESS)
>     Tasks: 0 (limit: 4915)
>    Memory: 0B
>    CGroup: /system.slice/apparmor.service
> 
> Feb 19 01:07:38 vhost4 systemd[1]: Starting Load AppArmor profiles...
> Feb 19 01:07:53 vhost4 apparmor.systemd[696]: Restarting AppArmor
> Feb 19 01:07:53 vhost4 apparmor.systemd[696]: Reloading AppArmor profiles
> Feb 19 01:07:53 vhost4 apparmor.systemd[696]: Skipped:
> /etc/apparmor.d/libvirt

Why was this skipped? Do you get any errors parsing the libvirtd profile? E.g.
try 'apparmor_parser -r /etc/apparmor.d/usr.sbin.libvirtd' and see if any
parsing errors are reported.

> Feb 19 01:07:46 vhost4 systemd[1]: Started Load AppArmor profiles.
> 
> -------------
> 
> apparmor module is loaded.
> 51 profiles are loaded.
> 50 profiles are in enforce mode.
> (omitted)
> 1 profiles are in complain mode.
>    /usr/lib/systemd/system-generators/lvm2-activation-generator
> 8 processes have profiles defined.
> 8 processes are in enforce mode.
> (omitted)
> 0 processes are in complain mode.
> 0 processes are unconfined but have a profile defined.
> 
> No mentions of libvirt in any of the redacted parts

/usr/sbin/libvirtd is not mentioned in the output of 'aa-status'?

You are receiving this mail because: