Mailinglist Archive: opensuse-support (159 mails)

< Previous Next >
Re: [opensuse-support] creating qemu VM with --boot uefi fails due to missing AppArmor profile
On 2018-06-01 12:41, Knurpht @ openSUSE wrote:
Two options:
Wait for cboltz to jump in ( our Apparmor hero )
Try setting it up through virt-manager, then have a look at the config and
if there's any difference with what you're trying from cli.

In virt-manager I get effectively the same error when I select the ovmf
firmware in the pre-install configuration:

Unable to complete install: 'internal error: cannot load AppArmor profile

But you made me remember the --print-xml option to virt-install, so here is the
diff (omitting uuid, source file and mac address changes) between

% virt-install --connect qemu:///system --boot hd --name ovmf --memory 1024
--disk size=10 --print-xml > boot-hd.xml
% virt-install --connect qemu:///system --boot uefi --name ovmf --memory 1024
--disk size=10 --print-xml > boot-uefi.xml

% diff boot-hd.xml boot-uefi.xml
<loader readonly="yes"

Looking further into this, I found that [1] patches /src/qemu/qemu.conf to new
ovmf locations, but in /src/security/virt-aa-helper.c [2] the old locations are
still in place. Might this be the problem?

Thanks and cheers

To unsubscribe, e-mail: opensuse-support+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-support+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation