https://bugzilla.suse.com/show_bug.cgi?id=1234236 Bug ID: 1234236 Summary: libguestfs: apparmor AVC for mknod passt.sock Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: AppArmor Assignee: suse-beta@cboltz.de Reporter: wolfgang.frisch@suse.com QA Contact: qa-bugs@suse.de Target Milestone: --- Found By: --- Blocker: --- Some libguestfs / guestfs-tools operations currently fail because AppArmor blocks an mknod operation. For example:

virt-customize -v -x -c qemu:///system -d some_virtual_machine --hostname foobar

Output:

Failed to bind UNIX domain socket: Permission denied libguestfs: trace: launch = -1 (error) virt-customize: error: libguestfs error: passt exited with status 1

/var/log/audit/audit.log:

type=AVC msg=audit(1733392351.800:690): apparmor="DENIED" operation="mknod" class="file" profile="passt" name="/run/user/1000/libguestfsueOZkq/passt.sock" pid=27424 comm="passt.avx2" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 -- You are receiving this mail because: You are on the CC list for the bug.