[Bug 585964] Re: VMs won't start after purging apparmor
This bug was fixed in the package libvirt - 0.8.3-1ubuntu1
---
libvirt (0.8.3-1ubuntu1) maverick; urgency=low
* Merge from debian unstable with security fixes
* Fixes:
- LP: #588369
- LP: #585964
* Remaining changes:
- debian/control:
+ Build-Depends on qemu-kvm, not qemu
+ Build-Depends on open-iscsi-utils, not open-iscsi
+ Build-Depends on libxml2-utils
+ Build-Depends on libapparmor-dev and Suggests apparmor
+ Bump bridge-utils, dnsmasq-base, netcat-openbsd, and iptables
to Depends of libvirt-bin
+ Drop lvm2, qemu-kvm and qemu to Suggests
+ We call libxen-dev libxen3-dev, so change all references
+ Rename Vcs-* to XS-Debian-Vcs-*
- debian/libvirt-bin.postinst:
+ rename the libvirt group to libvirtd
+ add each admin user to the libvirtd group
+ reload apparmor profiles
- debian/libvirt-bin.postrm:
+ rename the libvirt group to libvirtd
+ remove apparmor symlinks on purge
- debian/README.Debian: add AppArmor section based on the upstream
documentation
- debian/rules:
+ update DEB_DH_INSTALLINIT_ARGS for upstart
+ add DEB_MAKE_CHECK_TARGET := check
+ use --with-apparmor
+ copy apparmor and apport hook to debian/tmp
- add debian/libvirt-bin.upstart
- debian/libvirt-bin.dirs: add /etc/apparmor.d/abstractions,
/etc/apparmor.d/disable, /etc/apparmor.d/force-complain,
/etc/apparmor.d/libvirt, /etc/cron.daily and
/usr/share/apport/package-hooks
- add debian/libvirt-bin.cron.daily
- add debian/libvirt-bin.apport
- debian/libvirt-bin.install: install apparmor profiles, abstractions
and apport hook
- debian/apparmor:
- add TEMPLATE
- add libvirt-qemu abstraction
- add usr.lib.libvirt.virt-aa-helper
- add usr.sbin.libvirtd
- debian/patches/series:
+ don't apply 0002-qemu-disable-network.diff.patch
+ don't apply 0005-Terminate-nc-on-EOF.patch. Use
9009-autodetect-nc-params.patch instead
+ 9000-delayed_iff_up_bridge.patch (refreshed)
+ 9001-dont_clobber_existing_bridges.patch
+ 9002-better_default_uri_virsh.patch (refreshed)
+ 9003-better-default-arch.patch (refreshsed)
+ 9004-libvirtd-group-name.patch
+ 9005-increase-unix-socket-timeout.patch (refreshed)
+ 9006-default-config-test-case.patch
+ 9007-fix-daemon-conf-ftbfs.patch (updated)
+ 9008-run-as-root-by-default.patch (refreshed)
+ 9009-autodetect-nc-params.patch (refreshed)
+ 9010-dont-disable-ipv6.patch (refreshsed)
+ 9011-move-ebtables-script.patch (refreshed)
* Dropped the following patches included/fixed upstream:
- 9012-fix-nodeinfotest-ftbfs.patch
- 9013-apparmor-lp457716.patch
* Disable virtualbox support since virtualbox-ose is not in main
- debian/control: remove virtualbox-ose build dependency
- debian/rules: use --without-vbox
* debian/patches/9012-apparmor-dont-ignore-open.patch: fix logic when
using virDomainDiskDefForeachPath() and add tests. This can be removed
in 0.8.4.
* debian/apparmor/usr.sbin.libvirtd: add capability fsetid (LP: #613549)
* debian/apparmor/usr.lib.libvirt.virt-aa-helper: allow access to
@{PROC}/[0-9]*/net/psched
* debian/patches/9013-apparmor-chardev.patch: update for serial, parallel
and channels. This can be removed in 0.8.4. (LP: #609055, LP: #578527)
* migrate virtual machine definitions with non-raw disks and previously
unspecified disk format with a one time probe:
- add debian/libvirt-migrate-qemu-disks
- add debian/libvirt-migrate-qemu-disks.1
- debian/libvirt-bin.postinst: updated to run 'libvirt-migrate-qemu-disks
-a' on upgrades
- debian/rules: cp debian/libvirt-migrate-qemu-disks into place
- debian/libvirt-bin.manpages: install debian/libvirt-migrate-qemu-disks.1
- debian/README.Debian: updated for libvirt-migrate-qemu-disks
libvirt (0.8.3-1) unstable; urgency=low
[ Guido Günther ]
* Mention clear_emulator_capabilities
* Recommend iptables and gawk
[ Laurent Léonard ]
* Imported Upstream version 0.8.3
- Fixes: CVE-2010-2237, CVE-2010-2238, CVE-2010-2239, CVE-2010-2242
* Redo patches
* Update libvirt0 symbols
* Bump Standards-Version to 3.9.1
[ Guido Günther ]
* Install libvirt-qemu library
* Add libvirt-qemu.so symbols
[ Laurent Léonard ]
* Fix debian/NEWS syntax
libvirt (0.8.2-1) unstable; urgency=low
* Imported Upstream version 0.8.2
* Drop patches.
* Update libvirt0 symbols.
* Bump Standards-Version to 3.9.0.
* Add virtualbox-ose and libnl-dev build dependencies.
-- Jamie StrandbogeThu, 12 Aug 2010 17:00:59 -0500
** Changed in: libvirt (Ubuntu)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2237
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2238
** CVE added: http://
[Bug 585964] Re: VMs won't start after purging apparmor
Hello, after last Ubuntu update I can't start my KVM machines. So I did a clean basic installation and install only libvirt-bin and kvm. uname -a : Linux server1 2.6.32-23-server #37-Ubuntu SMP Fri Jun 11 09:11:11 UTC 2010 x86_64 GNU/Linux But the error was still there. I followed the hints in this thread and did the following: - in qemu.conf I set security_driver = "none" - I did purge appamor "apt-get purge apparmor" - In qemu.conf I set vnc_tls = 0 - reboot the system But also with this modifications I still got the same error: error: Failed to start domain testsystem.mynet.de error: monitor socket did not show up.: Connection refused syslog show the following Jul 28 08:09:13 eq4 libvirtd: 08:09:13.456: error : qemuMonitorOpenUnix:268 : monitor socket did not show up.: Connection refused Jul 28 08:09:13 eq4 libvirtd: 08:09:13.456: error : qemuConnectMonitor:822 : Failed to connect monitor for testsystem.mynet.de#012 Is there any other solution to get kvm running than to use another distribution? Regards Michael -- VMs won't start after purging apparmor https://bugs.launchpad.net/bugs/585964 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 585964] Re: VMs won't start after purging apparmor
Ok. After extensive testing I found out that this had to do with the vnc_tls parameter in qemu.conf. If it is set to 1 it fails with the error message above. I will investigate more and file a bug if its not just misconfiguration. Thanks for your fast reply. -- VMs won't start after purging apparmor https://bugs.launchpad.net/bugs/585964 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 585964] Re: VMs won't start after purging apparmor
Henrik, yours is a different issue. Can you please file a new bug? -- VMs won't start after purging apparmor https://bugs.launchpad.net/bugs/585964 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 585964] Re: VMs won't start after purging apparmor
Hi! I got a similar issue on our production environment... I noticed that after a clean install shutdown and start of domains works BUT if you restart the libvirt-bin service you can shutdown domains but not start them again. If you while in this state purge the libvirt-bin packaga and install it again (with aptitude) it works until the next restart of libvirt-bin. In this case I did not touch apparmor and I did not reboiot the server. Output from the terminal: r...@srvsxu0001:~# virsh Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit virsh # list Id Name State -- 1 xus1004-001 running virsh # shutdown xus1004-001 Domain xus1004-001 is being shutdown virsh # list Id Name State -- virsh # start xus1004-001 Domain xus1004-001 started virsh # list Id Name State -- 2 xus1004-001 running virsh # quit r...@srvsxu0001:~# service libvirt-bin stop libvirt-bin stop/waiting r...@srvsxu0001:~# service libvirt-bin start libvirt-bin start/running, process 13645 r...@srvsxu0001:~# virsh Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit virsh # list Id Name State -- 2 xus1004-001 running virsh # shutdown xus1004-001 Domain xus1004-001 is being shutdown virsh # list Id Name State -- virsh # start xus1004-001 error: Failed to start domain xus1004-001 error: monitor socket did not show up.: No such file or directory virsh # -- VMs won't start after purging apparmor https://bugs.launchpad.net/bugs/585964 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 585964] Re: VMs won't start after purging apparmor
** Summary changed: - Libvirtd -- error: monitor socket did not show up.: Connection refused + VMs won't start after purging apparmor -- VMs won't start after purging apparmor https://bugs.launchpad.net/bugs/585964 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libvirt in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
