Hi Christian,
we noticed this problem on several of our machines, so I would like to
give this bug report another try. ;)
I have a (relatively) clean install of Ubuntu 20.04 (no upgrade), which
is joined to a Windows AD-domain via sssd, but currently used off site
with cached credentials.
My domain user experiences the problem, but any local user doesn't.
I have checked with three different local users: the admin created
during install, a new ordinary user, and another new one with the
nonstandard HOME directory /home/TEST/tester1. All users were members of
the libvirt group, the domain user is also in adm sudo users lpadmin.
The 'network unix dgram' entry "fixes" the problem for my domain user.
The problem was also reproduceable on a fresh install after domain join
with a domain user.
Here is what I did:
1) normal startup with default profile
2) get sockets status:
- systemctl status $(basename -a $(dpkg -L libvirt-daemon-system | grep -e
.socket -e .service | xargs) | xargs) > systemctl_status_before
3) run strace in the pid of libvirtd:
- systemctl status libvirtd
- strace -p 1246 2>&1 | tee -a strace_local_user_success
4) try to connect al local user -> success:
- virsh list
Id Name State
--------------------
5) get sockets status:
- systemctl status $(basename -a $(dpkg -L libvirt-daemon-system | grep -e
.socket -e .service | xargs) | xargs) > systemctl_status_after_success
6) stop strace and restart for next try:
- strace -p 1246 2>&1 | tee -a strace_domain_user_fail
7) try to connect as domain user -> failure:
- virsh list
error: failed to connect to the hypervisor
error: End of file while reading data: Eingabe-/Ausgabefehler
8) get sockets status:
- systemctl status $(basename -a $(dpkg -L libvirt-daemon-system | grep -e
.socket -e .service | xargs) | xargs) > systemctl_status_after_failure
9) add 'network unix dgram,' to /etc/apparmor.d/usr.sbin.libvirtd and apply
changes:
- vim /etc/apparmor.d/usr.sbin.libvirtd
- diff /etc/apparmor.d/usr.sbin.libvirtd{,.orig}
42d4
< network unix dgram,
10) run strace on the new process:
- systemctl status libvirtd
- strace -p 11051 2>&1 | tee -a strace_domain_user_network_unix_dgram_success
11) try again as domain user -> success:
- virsh list
Id Name State
--------------------
12) get surrounding area from syslog:
- grep 'Jun 8 14:5\(7\|8\|9\)' /var/log/syslog > syslog-error
I will upload all of the mentioned log files.
If You need enything else, please let me know.
I am really curious about the reason and the real fix for this issue.
** Attachment added: "systemctl status $(basename -a $(dpkg -L
libvirt-daemon-system | grep -e .socket -e .service | xargs) | xargs) >
systemctl_status_before"
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1890858/+attachment/5503149/+files/systemctl_status_before
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1890858
Title:
AppArmor profile causes QEMU/KVM - Not Connected
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1890858/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
