[Bug 666090] New: Apparmor kills libvirt networking
https://bugzilla.novell.com/show_bug.cgi?id=666090 https://bugzilla.novell.com/show_bug.cgi?id=666090#c0 Summary: Apparmor kills libvirt networking Classification: openSUSE Product: openSUSE 11.4 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Critical Priority: P5 - None Component: AppArmor AssignedTo: jeffm@novell.com ReportedBy: seife@novell.slipkontur.de QAContact: qa@suse.de Found By: Third Party Developer/Partner Blocker: --- Starting libvirtd gives the following in syslog: Jan 21 09:59:28 susi dnsmasq[20034]: failed to open pidfile /var/run/libvirt/network/default.pid: Permission denied Jan 21 09:59:28 susi dnsmasq[20034]: FAILED to start up This leads to bridge virbr0 not being set up correctly and KVM guests refusing to start, since not bridge for network connectivity is available. As always, "rcapparmor stop" nicely solved the issue. Also as always, the syslog message have not been helpful, as there was no clue at all that the "permission denied" was due to something invisible (the directory permissions were 0775 and dnsmasq is runnign as root, so it clearly should be able to create the pid file). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666090
https://bugzilla.novell.com/show_bug.cgi?id=666090#c1
Jeff Mahoney
https://bugzilla.novell.com/show_bug.cgi?id=666090
https://bugzilla.novell.com/show_bug.cgi?id=666090#c2
--- Comment #2 from James Fehlig
This can be solved in a few ways.
1) Update the usr.sbin.dnsmasq profile to allow /var/run/libvirt/network/*.pid
Ubuntu took this approach https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/697239 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666090
https://bugzilla.novell.com/show_bug.cgi?id=666090#c3
James Fehlig
https://bugzilla.novell.com/show_bug.cgi?id=666090
https://bugzilla.novell.com/show_bug.cgi?id=666090#c4
Jeff Mahoney
participants (1)
-
bugzilla_noreply@novell.com