On Wed, Nov 09, 2022 at 06:14:58PM +, Daniel P. Berrangé wrote:
> On Fri, Nov 04, 2022 at 02:56:51PM -0400, Andrea Bolognani wrote:
> > IIUC a specific profile (cri-containerd.apparmor.d) is used for
> > unprivileged containers such as virt-launcher, but a privileged one
> > such as virt-handle
On Fri, Nov 04, 2022 at 02:56:51PM -0400, Andrea Bolognani wrote:
> On Thu, Nov 03, 2022 at 05:23:27PM +, Daniel P. Berrangé wrote:
> > On Thu, Nov 03, 2022 at 12:35:15PM -0400, Andrea Bolognani wrote:
> > > On Thu, Nov 03, 2022 at 03:39:44PM +0100, Peter Krempa wrote:
> > > > On Thu, Nov 03, 2
On Thu, Nov 03, 2022 at 05:23:27PM +, Daniel P. Berrangé wrote:
> On Thu, Nov 03, 2022 at 12:35:15PM -0400, Andrea Bolognani wrote:
> > On Thu, Nov 03, 2022 at 03:39:44PM +0100, Peter Krempa wrote:
> > > On Thu, Nov 03, 2022 at 12:13:53 +0100, Andrea Bolognani wrote:
> > > > Distros that use Ap
On Fri, Nov 04, 2022 at 10:21:53AM -0600, Jim Fehlig wrote:
> On 11/3/22 11:23, Daniel P. Berrangé wrote:
> > On Thu, Nov 03, 2022 at 12:35:15PM -0400, Andrea Bolognani wrote:
> > > On Thu, Nov 03, 2022 at 03:39:44PM +0100, Peter Krempa wrote:
> > > > On Thu, Nov 03, 2022 at 12:13:53 +0100, Andrea
On 11/3/22 11:23, Daniel P. Berrangé wrote:
On Thu, Nov 03, 2022 at 12:35:15PM -0400, Andrea Bolognani wrote:
On Thu, Nov 03, 2022 at 03:39:44PM +0100, Peter Krempa wrote:
On Thu, Nov 03, 2022 at 12:13:53 +0100, Andrea Bolognani wrote:
Distros that use AppArmor, such as Debian and Ubuntu, inst
On 11/3/22 09:02, Andrea Bolognani wrote:
On Thu, Nov 03, 2022 at 08:24:37AM -0600, Jim Fehlig wrote:
On 11/3/22 05:13, Andrea Bolognani wrote:
+ # Needed when running the RHEL/CentOS version of libvirt and QEMU
+ # inside a privileged container on a Debian/Ubuntu host
+ /usr/libexec/qemu-kv
On Thu, Nov 03, 2022 at 12:35:15PM -0400, Andrea Bolognani wrote:
> On Thu, Nov 03, 2022 at 03:39:44PM +0100, Peter Krempa wrote:
> > On Thu, Nov 03, 2022 at 12:13:53 +0100, Andrea Bolognani wrote:
> > > Distros that use AppArmor, such as Debian and Ubuntu, install
> > > QEMU under /usr/bin/qemu-sy
On Thu, Nov 03, 2022 at 03:39:44PM +0100, Peter Krempa wrote:
> On Thu, Nov 03, 2022 at 12:13:53 +0100, Andrea Bolognani wrote:
> > Distros that use AppArmor, such as Debian and Ubuntu, install
> > QEMU under /usr/bin/qemu-system-*, and our AppArmor profile is
> > written with that assumption in mi
On Thu, Nov 03, 2022 at 08:24:37AM -0600, Jim Fehlig wrote:
> On 11/3/22 05:13, Andrea Bolognani wrote:
> > + # Needed when running the RHEL/CentOS version of libvirt and QEMU
> > + # inside a privileged container on a Debian/Ubuntu host
> > + /usr/libexec/qemu-kvm PUx,
>
> Do you also need the
On Thu, Nov 03, 2022 at 12:13:53 +0100, Andrea Bolognani wrote:
> Distros that use AppArmor, such as Debian and Ubuntu, install
> QEMU under /usr/bin/qemu-system-*, and our AppArmor profile is
> written with that assumption in mind.
>
> If you try to run the RHEL or CentOS version of libvirt and
>
On 11/3/22 05:13, Andrea Bolognani wrote:
Distros that use AppArmor, such as Debian and Ubuntu, install
QEMU under /usr/bin/qemu-system-*, and our AppArmor profile is
written with that assumption in mind.
If you try to run the RHEL or CentOS version of libvirt and
QEMU inside a privileged contai
On Thu, Nov 03, 2022 at 12:13:53PM +0100, Andrea Bolognani wrote:
> Distros that use AppArmor, such as Debian and Ubuntu, install
> QEMU under /usr/bin/qemu-system-*, and our AppArmor profile is
> written with that assumption in mind.
>
> If you try to run the RHEL or CentOS version of libvirt and
Distros that use AppArmor, such as Debian and Ubuntu, install
QEMU under /usr/bin/qemu-system-*, and our AppArmor profile is
written with that assumption in mind.
If you try to run the RHEL or CentOS version of libvirt and
QEMU inside a privileged container on such distros, however,
that will resu
13 matches
Mail list logo