apport information
** Attachment added: "PstreeP.txt"
https://bugs.launchpad.net/bugs/1684481/+attachment/4865587/+files/PstreeP.txt
** Description changed:
Setup:
- Xenial host
- lxd guests with Trusty, Xenial, ...
- add a LXD profile to allow kvm [3] (inspired by stgraber)
- spawn KVM guests in the LXD guests using the different distro release
versions
- guests are based on the uvtool default template which has a serial console
[4]
Issue:
- guest starting with serial device gets blocked by apparmor and killed on
creation
- This affects at least ppc64el and x86 (s390x has no serial concept that
would match)
- This appeared in our usual checks on -proposed releases so maybe we
can/should stop something?
Last good was "Apr 5, 2017 10:40:50 AM" first bad one "Apr 8, 2017 5:11:22
AM"
Background:
We use this setup for a while and it was working without a change on our end.
Also the fact that it still works in the Trusty LXD makes it somewhat
suspicious.
Therefore I'd assume an SRUed change in LXD/Kernel/Apparmor might be the
reason and open this bug to get your opinion on it.
You can look into [1] and search for uvt-kvm create in it.
Deny in dmesg:
[652759.606218] audit: type=1400 audit(1492671353.134:4520):
apparmor="DENIED" operation="open"
namespace="root//lxd-testkvm-xenial-from_"
profile="libvirt-668e21f1-fa55-4a30-b325-0ed5cfd55e5b" name="/dev/pts/ptmx"
pid=27162 comm="qemu-system-ppc" requested_mask="wr" denied_mask="wr" fsuid=0
ouid=0
Qemu-log:
2017-04-20T06:55:53.139450Z qemu-system-ppc64: -chardev pty,id=charserial0:
Failed to create PTY: No such file or directory
There was a similar issue on qmeu namespacing (which we don't use on any of
these releases) [2].
While we surely don't have the "same" issue the debugging on the namespacing
might be worth as it could be related.
Workaround for now:
- drop serial section from guest xml
[1]:
https://jenkins.ubuntu.com/server/view/Virt/job/virt-migration-cross-release-amd64/78/consoleFull
[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1421036
[3]:
https://git.launchpad.net/~ubuntu-server/ubuntu/+source/qemu-migration-test/tree/kvm_profile.yaml
[4]: https://libvirt.org/formatdomain.html#elementsCharPTY
---
ApportVersion: 2.20.1-0ubuntu2.5
Architecture: ppc64el
DistroRelease: Ubuntu 16.04
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
Package: lxd
PackageArchitecture: ppc64el
ProcKernelCmdline: root=UUID=902eaad1-2164-4f9a-bec4-7ff3abc15804 ro
console=hvc0
ProcLoadAvg: 3.15 3.02 3.83 1/3056 79993
ProcSwaps:
Filename TypeSizeUsedPriority
/swap.img file 8388544 0 -1
ProcVersion: Linux version 4.4.0-72-generic (buildd@bos01-ppc64el-022) (gcc
version 5.4.0 20160609 (Ubuntu/IBM 5.4.0-6ubuntu1~16.04.4) ) #93-Ubuntu SMP Fri
Mar 31 14:05:15 UTC 2017
ProcVersionSignature: Ubuntu 4.4.0-72.93-generic 4.4.49
Syslog:
Tags: xenial uec-images
Uname: Linux 4.4.0-72-generic ppc64le
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: utah
_MarkForUpload: True
cpu_cores: Number of cores present = 20
cpu_coreson: Number of cores online = 20
cpu_smt: SMT is off
---
ApportVersion: 2.20.1-0ubuntu2.5
Architecture: ppc64el
DistroRelease: Ubuntu 16.04
NonfreeKernelModules: cfg80211 ebtable_broute ebtable_nat binfmt_misc veth
nbd openvswitch vhost_net vhost macvtap macvlan xt_conntrack ipt_REJECT
nf_reject_ipv4 ebtable_filter ebtables ip6t_MASQUERADE nf_nat_masquerade_ipv6
ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_filter
ip6_tables xt_comment xt_CHECKSUM iptable_mangle ipt_MASQUERADE
nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4
nf_nat nf_conntrack xt_tcpudp bridge stp llc iptable_filter ip_tables x_tables
zfs zunicode zcommon znvpair spl zavl kvm_hv kvm ipmi_powernv ipmi_msghandler
uio_pdrv_genirq vmx_crypto powernv_rng ibmpowernv leds_powernv uio ib_iser
rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp
libiscsi scsi_transport_iscsi autofs4 btrfs raid10 raid456 async_raid6_recov
async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0
multipath linear ses enclosure mlx4_en vxlan ip6_udp_tunnel udp_tunnel
mlx4_core ipr
Package: lxd
PackageArchitecture: ppc64el
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcKernelCmdline: root=UUID=902eaad1-2164-4f9a-bec4-7ff3abc15804 ro
console=hvc0
ProcLoadAvg: 5.56 5.25 4.60 1/3057 3526
ProcSwaps:
Filename TypeSizeUsedPriority
nonevirtual 8388544 8388544 0
ProcVersion: Linux version 4.4.0-72-generic (buildd@bos01-ppc64el-022) (gcc
version 5.4.0 20160609 (Ubuntu/IBM