Comment 39 for bug 1677398

There is a comment in this bug that says that dir based pools aren't affected, but it seems they are. Here's the disk definition in XML using a "default" named pool that resides in /var/lib/libvirt/images.

<disk type='volume' device='disk'>
  <driver name='qemu' type='qcow2'/>
  <source pool='default' volume='awesome.qcow2'/>
  <target dev='vda' bus='virtio'/>
  <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
</disk>

Starting the VM with virsh start, yield the following error in dmesg:

[10757.098291] audit: type=1400 audit(1599423932.042:131): apparmor="DENIED" operation="open" profile="libvirt-b68582b8-0f35-4298-afd8-45c89ff3cbaa" name="/var/lib/libvirt/images/awesome.qcow2" pid=8654 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=64055