The problem was solved after killing the apparmor process and restarting apparmor service.
De: "Mohamed Mohamed" <mohamed.moha...@telecom-sudparis.eu>
À: "jan benadik" <jan.bena...@atos.net>
Cc: users@lists.opennebula.org
Envoyé: Jeudi 28 Juin 2012 09:13:09
Objet: Re: [one-users] Apparmor Profile
_______________________________________________
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
À: "jan benadik" <jan.bena...@atos.net>
Cc: users@lists.opennebula.org
Envoyé: Jeudi 28 Juin 2012 09:13:09
Objet: Re: [one-users] Apparmor Profile
The output is:
$apparmor_status
apparmor module is loaded.
19 profiles are loaded.
19 profiles are in enforce mode.
/sbin/dhclient
/usr/bin/evince
/usr/bin/evince-previewer
/usr/bin/evince-previewer//launchpad_integration
/usr/bin/evince-previewer//sanitized_helper
/usr/bin/evince-thumbnailer
/usr/bin/evince-thumbnailer//sanitized_helper
/usr/bin/evince//launchpad_integration
/usr/bin/evince//sanitized_helper
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/connman/scripts/dhclient-script
/usr/lib/cups/backend/cups-pdf
/usr/lib/libvirt/virt-aa-helper
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper
/usr/lib/telepathy/mission-control-5
/usr/lib/telepathy/telepathy-*
/usr/sbin/cupsd
/usr/sbin/libvirtd
/usr/sbin/tcpdump
0 profiles are in complain mode.
6 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
6 processes are unconfined but have a profile defined.
/sbin/dhclient (1098)
/sbin/dhclient (4390)
/sbin/dhclient (4517)
/usr/lib/telepathy/mission-control-5 (2227)
/usr/sbin/cupsd (885)
/usr/sbin/libvirtd (9276)
after
$/etc/init.d/apparmor teardown
the output is
apparmor module is loaded.
0 profiles are loaded.
0 profiles are in enforce mode.
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
in the host machine /var/log/libvirt/libvirtd.log shows the following error (after apparmor teardown):
2012-06-27 09:58:00.982+0000: 1134: error : virCommandWait:2192 : internal error Child process (/usr/lib/libvirt/virt-aa-helper -p 0 -c -u libvirt-bda4a47d-e2c4-8e2f-a48c-37c61f98f60a) status unexpected: exit status 1
2012-06-27 09:58:00.982+0000: 1134: error : AppArmorGenSecurityLabel:443 : internal error cannot load AppArmor profile 'libvirt-bda4a47d-e2c4-8e2f-a48c-37c61f98f60a
$apparmor_status
apparmor module is loaded.
19 profiles are loaded.
19 profiles are in enforce mode.
/sbin/dhclient
/usr/bin/evince
/usr/bin/evince-previewer
/usr/bin/evince-previewer//launchpad_integration
/usr/bin/evince-previewer//sanitized_helper
/usr/bin/evince-thumbnailer
/usr/bin/evince-thumbnailer//sanitized_helper
/usr/bin/evince//launchpad_integration
/usr/bin/evince//sanitized_helper
/usr/lib/NetworkManager/nm-dhcp-client.action
/usr/lib/connman/scripts/dhclient-script
/usr/lib/cups/backend/cups-pdf
/usr/lib/libvirt/virt-aa-helper
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper
/usr/lib/telepathy/mission-control-5
/usr/lib/telepathy/telepathy-*
/usr/sbin/cupsd
/usr/sbin/libvirtd
/usr/sbin/tcpdump
0 profiles are in complain mode.
6 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
6 processes are unconfined but have a profile defined.
/sbin/dhclient (1098)
/sbin/dhclient (4390)
/sbin/dhclient (4517)
/usr/lib/telepathy/mission-control-5 (2227)
/usr/sbin/cupsd (885)
/usr/sbin/libvirtd (9276)
after
$/etc/init.d/apparmor teardown
the output is
apparmor module is loaded.
0 profiles are loaded.
0 profiles are in enforce mode.
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
in the host machine /var/log/libvirt/libvirtd.log shows the following error (after apparmor teardown):
2012-06-27 09:58:00.982+0000: 1134: error : virCommandWait:2192 : internal error Child process (/usr/lib/libvirt/virt-aa-helper -p 0 -c -u libvirt-bda4a47d-e2c4-8e2f-a48c-37c61f98f60a) status unexpected: exit status 1
2012-06-27 09:58:00.982+0000: 1134: error : AppArmorGenSecurityLabel:443 : internal error cannot load AppArmor profile 'libvirt-bda4a47d-e2c4-8e2f-a48c-37c61f98f60a
De: "Jan Benadik" <jan.bena...@atos.net>
À: "Mohamed Mohamed" <mohamed.moha...@telecom-sudparis.eu>
Cc: users@lists.opennebula.org
Envoyé: Mercredi 27 Juin 2012 17:32:01
Objet: Re: [one-users] Apparmor Profile
What is output of apparmor_status?
What is changed if unload apparmor?
(/etc/init.d/apparmor teardown)
Jan
_______________________________________________
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
À: "Mohamed Mohamed" <mohamed.moha...@telecom-sudparis.eu>
Cc: users@lists.opennebula.org
Envoyé: Mercredi 27 Juin 2012 17:32:01
Objet: Re: [one-users] Apparmor Profile
What is output of apparmor_status?
What is changed if unload apparmor?
(/etc/init.d/apparmor teardown)
Jan
Dňa 27.06.2012 16:47, Mohamed Mohamed
wrote / napísal(a):
thank you for your answer,
i did append this line and restart apparmor
but the problem persists.
Mohamed
De: "Jan Benadik" <jan.bena...@atos.net>
À: users@lists.opennebula.org
Envoyé: Mercredi 27 Juin 2012 15:55:27
Objet: Re: [one-users] Apparmor Profile
Hi,
did you append the line
/var/lib/one/** lrwk,
at the end of /etc/apparmor.d/usr.sbin.libvirtd file and restart apparmor service?
J.B.
Dňa 27.06.2012 14:25, Mohamed Mohamed wrote / napísal(a):
Hi all,
I installed opennebula 3.6 on ubuntu 12.4TLS,
i added 2 new hosts, i was following the documentation in opennebula.org.
when i try to submit a new VM the following error occures:
Wed Jun 27 14:23:22 2012 [VMM][I]: Successfully execute network driver operation: pre. Wed Jun 27 14:23:22 2012 [VMM][I]: Command execution fail: cat << EOT | /var/tmp/one/vmm/kvm/deploy /var/lib/one//datastores/0/3/deployment.0 node1 3 node1 Wed Jun 27 14:23:22 2012 [VMM][I]: error: Failed to create domain from /var/lib/one//datastores/0/3/deployment.0 Wed Jun 27 14:23:22 2012 [VMM][I]: error: internal error cannot load AppArmor profile 'libvirt-11995295-92ea-b181-c44c-4fc74b7afe4a' Wed Jun 27 14:23:22 2012 [VMM][E]: Could not create domain from /var/lib/one//datastores/0/3/deployment.0 Wed Jun 27 14:23:22 2012 [VMM][I]: ExitCode: 255 Wed Jun 27 14:23:22 2012 [VMM][I]: Failed to execute virtualization driver operation: deploy. Wed Jun 27 14:23:22 2012 [VMM][E]: Error deploying virtual machine: Could not create domain from /var/lib/one//datastores/0/3/deployment.0 Wed Jun 27 14:23:23 2012 [DiM][I]: New VM state is FAILED
does any one have a suggestion?
best regards,
Mohamed.
_______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
--
Ján Beňadik
Managed Services - Solution Design Architect
+421 46 5151 332
+421 903 691 634
jan.bena...@atos.net
Vinohradnícka 6, 971 01 Prievidza
www.sk.atos.net
__________________________________
_______________________________________________
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
--
Ján Beňadik
Managed Services - Solution
Design Architect
+421 46 5151 332
+421 903 691 634
jan.bena...@atos.net
Vinohradnícka 6, 971 01 Prievidza
www.sk.atos.net
__________________________________
_______________________________________________
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
_______________________________________________
Users mailing list
Users@lists.opennebula.org
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
_______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
