| 2016-03-02 13:44:42 |
Josef Hopfgartner |
bug |
|
|
added bug |
| 2016-03-02 16:41:19 |
Jamie Strandboge |
tags |
|
apparmor |
|
| 2016-03-02 16:41:23 |
Jamie Strandboge |
libvirt (Ubuntu): status |
New |
Incomplete |
|
| 2016-03-03 08:34:45 |
Stefan Bader |
bug |
|
|
added subscriber Stefan Bader |
| 2016-05-02 04:17:42 |
Launchpad Janitor |
libvirt (Ubuntu): status |
Incomplete |
Expired |
|
| 2017-04-25 09:51:14 |
wiredfool |
attachment added |
|
libvirt xml settings https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1552241/+attachment/4867747/+files/vm.xml |
|
| 2017-04-25 09:54:10 |
wiredfool |
libvirt (Ubuntu): status |
Expired |
Confirmed |
|
| 2017-04-26 07:29:10 |
Christian Ehrhardt |
bug |
|
|
added subscriber Ubuntu Server Team |
| 2017-04-26 07:29:24 |
Christian Ehrhardt |
bug |
|
|
added subscriber ChristianEhrhardt |
| 2017-04-26 07:33:11 |
Christian Ehrhardt |
libvirt (Ubuntu): status |
Confirmed |
Triaged |
|
| 2017-04-26 07:33:13 |
Christian Ehrhardt |
libvirt (Ubuntu): importance |
Undecided |
Medium |
|
| 2017-04-26 07:34:52 |
Christian Ehrhardt |
tags |
apparmor |
apparmor server-next |
|
| 2017-04-26 07:35:32 |
Christian Ehrhardt |
tags |
apparmor server-next |
apparmor server-next virt-aa-helper |
|
| 2017-06-12 20:47:39 |
Michael Windelen |
bug |
|
|
added subscriber Michael Windelen |
| 2017-06-13 13:39:29 |
Christian Ehrhardt |
tags |
apparmor server-next virt-aa-helper |
apparmor virt-aa-helper |
|
| 2017-06-13 13:56:12 |
SLerman |
bug |
|
|
added subscriber SLerman |
| 2017-08-04 21:09:07 |
Marcino239 |
bug |
|
|
added subscriber Marcino239 |
| 2017-08-10 06:11:51 |
RussianNeuroMancer |
bug |
|
|
added subscriber RussianNeuroMancer |
| 2017-09-14 13:39:07 |
Christian Ehrhardt |
libvirt (Ubuntu): status |
Triaged |
In Progress |
|
| 2017-10-24 15:33:49 |
Christian Ehrhardt |
description |
This fix is for Ubuntu Xenial
The following file needs some fixes in order to work for usb host device access:
/etc/apparmor.d/abstractions/libvirt-qemu
The line is wrong:
/sys/devices/**/usb[0-9]*/** r,
correct is:
/sys/devices/*/*/usb[0-9]*/** r,
This line is missing:
/run/udev/data/** r, |
[Impact]
* A while ago qemu switched to libusb, since then qemu fails to scan for
usb devices. Thereby it fails to use them for passthrough.
* This
* Fix by back-porting small upstream change
[Test Case]
* Create a VM Guest (e.g. via uvtool)
* Create a XMl file desrcibing a usb hostdev from your System (check lsusb for IDs)
* See the c#3 for XML examples
* Then add that to your guest with
$ virsh attach-device <guestname> <xml-describing-your-device>
* Without the fix you'll see apparmor blocks and a fail to generate the rules
* With the fix it works
[Regression Potential]
* The change "only" allows to access a few more files udev populates. In
those it is still restricted to just USB types - that seems safe to me.
* If no USB devices are used in the guest config (or via hot-add) then it
is not initialized and thereby the rules not needed.
* But if users use USB Host devices they now can work due to the fix. And
"suddenly working" is not a regression but a fix.
[Other Info]
* I waited to be accepted upstream to be more confident which is
partially why this took so long but provides some extra confidence.
* This was long in discussion here since the suggestions always had a bit
of a very open blanket apparmor rule, but we now found a minimal one to
work and that was upstreamable.
---
This fix is for Ubuntu Xenial
The following file needs some fixes in order to work for usb host device access:
/etc/apparmor.d/abstractions/libvirt-qemu
The line is wrong:
/sys/devices/**/usb[0-9]*/** r,
correct is:
/sys/devices/*/*/usb[0-9]*/** r,
This line is missing:
/run/udev/data/** r, |
|
| 2017-10-24 18:43:11 |
Andy Whitcroft |
libvirt (Ubuntu Artful): status |
In Progress |
Fix Committed |
|
| 2017-10-24 18:43:13 |
Andy Whitcroft |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2017-10-24 18:43:15 |
Andy Whitcroft |
bug |
|
|
added subscriber SRU Verification |
| 2017-10-24 18:43:19 |
Andy Whitcroft |
tags |
apparmor virt-aa-helper |
apparmor verification-needed verification-needed-artful virt-aa-helper |
|
| 2017-10-25 06:22:10 |
Christian Ehrhardt |
nominated for series |
|
Ubuntu Zesty |
|
| 2017-10-25 06:22:10 |
Christian Ehrhardt |
bug task added |
|
libvirt (Ubuntu Zesty) |
|
| 2017-10-25 06:22:10 |
Christian Ehrhardt |
nominated for series |
|
Ubuntu Xenial |
|
| 2017-10-25 06:22:10 |
Christian Ehrhardt |
bug task added |
|
libvirt (Ubuntu Xenial) |
|
| 2017-10-25 07:58:48 |
Nahuel Greco |
bug |
|
|
added subscriber Nahuel Greco |
| 2017-10-25 12:23:09 |
Christian Ehrhardt |
tags |
apparmor verification-needed verification-needed-artful virt-aa-helper |
apparmor verification-done verification-done-artful virt-aa-helper |
|
| 2017-11-01 00:27:49 |
Launchpad Janitor |
libvirt (Ubuntu Artful): status |
Fix Committed |
Fix Released |
|
| 2017-11-01 00:27:59 |
Chris Halse Rogers |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2017-11-05 09:41:40 |
Launchpad Janitor |
libvirt (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2018-04-16 09:53:31 |
Launchpad Janitor |
libvirt (Ubuntu Xenial): status |
New |
Confirmed |
|
| 2018-04-16 09:53:31 |
Launchpad Janitor |
libvirt (Ubuntu Zesty): status |
New |
Confirmed |
|
| 2018-05-14 19:33:25 |
Eduard Hasenleithner |
bug |
|
|
added subscriber Eduard Hasenleithner |
| 2021-09-30 10:53:37 |
Christian Ehrhardt |
removed subscriber Ubuntu Server |
|
|
|
