So I've got an mdadm array mounted at /data/vms where I want my images to live. I keep getting
I've tried adding
to both /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper and /etc/apparmor/usr.sbin.libvirtd. I've even tried setting the user and group to root in /etc/libvirt/qemu.conf and connecting as root with virt manager just troubleshoot this.
I'm still seeing the above error and this in syslog.
Even after loading those apparmor profiles or rebooting. This is a new VM, so there's no apparmor file matching that UUID, yet.
The weird thing is, the initial qcow image files create fine in the storage manager, but I just can't use them when spinning up a VM.
Code:
Unable to complete install: 'internal error: process exited while connecting to monitor: 000: Domain id=3 is tainted: high-privileges
2018-05-01T16:39:49.776716Z qemu-system-x86_64: -drive file=/data/vms/mx-root.qcow2,format=qcow2,if=none,id=drive-virtio-disk0: Could not open backing file: Could not open '/data/vms': Permission denied'
Code:
/data/vms/* r,
/data/vms/** rw,
I'm still seeing the above error and this in syslog.
Code:
May 1 09:39:49 hal kernel: [ 2777.174380] audit: type=1400 audit(1525192789.771:46): apparmor="DENIED" operation="open" profile="libvirt-9689f320-a915-4ab3-9d24-9db63947920a" name="/data/vms/" pid=2839 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
The weird thing is, the initial qcow image files create fine in the storage manager, but I just can't use them when spinning up a VM.