Thank you for using Ubuntu and reporting a bug. This is a known issue and a
limitation of the AppArmor driver. For now, you need to adjust
/etc/apparmor.d/abstractions/libvirt-qemu to allow access to host hardware. For
usb devices (hostdev), adjust this:
# WARNING: uncommenting these gives the guest direct access to host hardware.
# This is required for USB pass through but is a security risk. You have been
# warned.
#/sys/bus/usb/devices/ r,
#/sys/devices/*/*/usb[0-9]*/** r,
#/dev/bus/usb/*/[0-9]* rw,
To be:
# WARNING: uncommenting these gives the guest direct access to host hardware.
# This is required for USB pass through but is a security risk. You have been
# warned.
/sys/bus/usb/devices/ r,
/sys/devices/*/*/usb[0-9]*/** r,
/dev/bus/usb/*/[0-9]* rw,
You will have to add similar entries for PCI devices (pcidev).
** Changed in: libvirt (Ubuntu)
Importance: Undecided => Medium
** Changed in: libvirt (Ubuntu)
Status: New => Triaged
** Summary changed:
- virt-manager allows selection of PCI devices for a VM but apparmor is not
configured to allow access to the PCI device
+ apparmor driver blocks access to hostdev and pcidev devices
** Tags added: apparmor
--
apparmor driver blocks access to hostdev and pcidev devices
https://bugs.launchpad.net/bugs/545795
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
