This has now landed upstream, on the master branch as c159d0925 Allow access to possible cpus for glibc-2.36
and has been cherry-picked back to 3.1, 3.0, 2.13, and 2.12 branches. This schedules it for release in the 2.12.4 and 2.13.7, 3.0.8 releases this week. Unfortunately 3.1.2 was cut last week so it just misses that release. I will look at assigning resources to this, I am not sure which of us will pick it up yet. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1989073 Title: AppArmor DENIES reading of /sys/devices/system/cpu/possible Status in apparmor package in Ubuntu: Confirmed Status in apparmor source package in Kinetic: Confirmed Bug description: libvirt 8.6.0-0ubuntu1 apparmor 3.0.7-1ubuntu1 Creating a VM with virt-install produces this AppAmore denial: AVC apparmor="DENIED" operation="open" profile="libvirt-974c9859-e682-4f5d-b0cb-dcf3d60185fc" name="/sys/devices/system/cpu/possible" pid=2522 comm="qemu- system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Creation of the VM is successful. This is with nested virtualization. This did not happen with libvirt 8.0.0-1ubuntu8 and apparmor 3.0.7-1ubuntu1. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1989073/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp