This should work if you add the following to /etc/apparmor.d/bin/usr.sbin.libvirtd (under the '/usr/bin/* PUx' rule): /etc/libvirt/hooks/* ix,
Hooks are called by the trusted libvirtd daemon, not by the AppArmor protected guests so this rule is safe to add to the AppArmor profile as libvirtd is expected to run (essentially) unconfined. ** Changed in: libvirt (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in Ubuntu. https://bugs.launchpad.net/bugs/891472 Title: apparmor profile for libvirt does not allow hooks to be executed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/891472/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs