Bug 1072402 - virt-sandbox gets unmount denials
virt-sandbox gets unmount denials
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Virtualization:Tools
Current
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Cédric Bosdonnat
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-12-12 14:31 UTC by Cédric Bosdonnat
Modified: 2017-12-21 09:10 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Cédric Bosdonnat 2017-12-12 14:31:29 UTC
Steps to reproduce:
  * Make sure libvirtd is apparmor confined
  * Run virt-sandbox -p /bin/sh
  * Look for DENIED messages in /var/log/audit/audit.log

Actual:
  * When quitting the container, audit.log is filled with errors like this one:

    type=AVC msg=audit(1513071922.675:347): apparmor="DENIED" operation="umount"
    profile="libvirt-9fac700d-b492-40fb-bc49-dde8ea581cb4" name="/" pid=2805 comm="ld.so"

  * The error output is also filled with messages like this one:

    cannot unmount /tmp: Permission denied

Expected:
  * No complain!
Comment 1 Cédric Bosdonnat 2017-12-21 09:10:24 UTC
patch in factory and submitted upstream