Comment 2 for bug 579584

Thomas Mayer (thomas303) wrote :


I just updated from jaunty to karmic and then to lucid.
After that, I had the same problem and I could not boot my images any more. Maybe apparmor was installed automatically and caused the problem when starting a guest:

error: Failed to start domain 220_trxerdpd330_installtest
error: internal error unable to start guest: libvir: QEMU error : cannot change to '114' group: Operation not permitted

After adding the following lines in /etc/apparmor.d/libvirt-qemu, the problem was solved:
capability setgid,
capability setuid,

The XML of my guest looks like this:

<domain type='kvm'>
  <os>
    <type arch='x86_64' machine='pc'>hvm</type>
    <boot dev='hd'/>
  </os>
  <clock offset='utc'/>
  <devices>
    <disk type='file' device='disk'>
      <source file='/home/vms/220_trxerdpd330_installtest.img'/>
      <target dev='hda' bus='ide'/>
    </disk>
    <disk type='file' device='cdrom'>
      <target dev='hdc' bus='ide'/>
    </disk>
    <interface type='bridge'>
      <mac address='00:16:36:4e:bd:fb'/>
      <source bridge='br0'/>
    </interface>
    <serial type='pty'>
      <source path='/dev/pts/4'/>
      <target port='0'/>
    </serial>
    <console type='pty' tty='/dev/pts/4'>
      <source path='/dev/pts/4'/>
      <target port='0'/>
    </console>
    <input type='mouse' bus='ps2'/>
    <graphics type='vnc' port='6220' autoport='no' keymap='de'/>
  </devices>
</domain>

When I mount a readonly cd image, I get similar errors:

I think there are two issues:
1. libvirt should not chown/chgrp/chmod images, especially not readonly images
2. apparmor profile should correspond to libvirt.
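
The diagnosis in the comment above can be checked mechanically. This is an added example, not part of the original comment or of libvirt: it reads the capability rules from AppArmor profile text and reports whether the capability behind each "cannot change to ... group" error is allowed, missing or denied. The profile fragment, the function names and the 'user' variant of the error message are assumptions made for illustration.

```python
import re

# Constructed profile fragment lacking the two rules from the comment
# (not the real /etc/apparmor.d/libvirt-qemu shipped by Ubuntu).
SAMPLE_PROFILE = """
  #include <abstractions/base>
  capability dac_override,
  capability chown,   # constructed rule
  network inet stream,
"""

# Error text as quoted in the comment.
SAMPLE_ERRORS = """\
error: Failed to start domain 220_trxerdpd330_installtest
error: internal error unable to start guest: libvir: QEMU error : cannot change to '114' group: Operation not permitted
"""

# Credential change named in the error -> capability the profile must allow.
# The 'user' form is an assumption mirroring the 'group' message on the page.
NEEDED = {"group": "setgid", "user": "setuid"}
ERR_RE = re.compile(r"cannot change to '\d+' (group|user): Operation not permitted")
CAP_RE = re.compile(r"^\s*(?:audit\s+)?(deny\s+)?capability\b([^,]*),", re.M)


def capability_rules(profile_text):
    """Return (allowed, denied) capability names; '*' stands for a bare
    'capability,' rule. #include'd abstractions are not followed."""
    text = re.sub(r"#.*", "", profile_text)  # drops comments and #include lines
    allowed, denied = set(), set()
    for deny, names in CAP_RE.findall(text):
        caps = set(names.split()) or {"*"}  # one rule may list several names
        (denied if deny else allowed).update(caps)
    return allowed, denied


def diagnose(profile_text, error_text):
    """Map each capability implied by the errors to allowed/missing/denied."""
    allowed, denied = capability_rules(profile_text)
    result = {}
    for kind in ERR_RE.findall(error_text):
        cap = NEEDED[kind]
        if cap in denied or "*" in denied:
            result[cap] = "denied"  # deny rules win over allow rules
        elif cap in allowed or "*" in allowed:
            result[cap] = "allowed"
        else:
            result[cap] = "missing"  # fix: add "capability <cap>," to the profile
    return result
```

A "missing" result corresponds to the fix described in the comment; a "denied" result means an explicit deny rule has to be removed first, because adding an allow rule would not override it.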