mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-25 15:15:25 +00:00
8f882cf36e
On live migration with --p2p like: $ virsh migrate --live --p2p kvmguest-bionic-normal \ qemu+ssh://10.6.221.80/system We hit an apparmor deny like: apparmor="DENIED" operation="file_inherit" profile="/usr/sbin/libvirtd" pid=23477 comm="ssh" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send" addr=none peer_addr=none peer="unconfined" The rule is not perfect, but can't be restricted further at the moment (new upstream kernel features needed). For now the lack of a profile on the peer as well as comm not being a conditional on rules do not allow to filter further. Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> |
||
---|---|---|
.. | ||
libvirt-lxc | ||
libvirt-qemu | ||
TEMPLATE.lxc | ||
TEMPLATE.qemu | ||
usr.lib.libvirt.virt-aa-helper | ||
usr.sbin.libvirtd |