David Richardson
2014-Nov-14 20:07 UTC
[libvirt-users] Trouble creating virtio-serial device
Hello,
I've running Ubuntu-14.04 as my host and my guest. I've been trying to
get
guest to host communication set up by configuring a virtio-serial device.
My xml file contains:
<channel type='unix'>
<source mode='bind' path='/home/dave/vm1.agent'/>
<target type='virtio' name='vm1'/>
</channel>
When I start up the VM, I get the following error:
error: Failed to create domain from vm1.xml
error: internal error: process exited while connecting to monitor:
qemu-system-x86_64: -chardev
socket,id=charchannel0,path=/home/dave/vm1.agent,server,nowait: Failed to
bind socket: Permission denied
qemu-system-x86_64: -chardev
socket,id=charchannel0,path=/home/dave/vm1.agent,server,nowait: chardev:
opening backend "socket" failed
dmesg shows what appears to be an apparmor denial for mknod:
[250108.632450] type=1400 audit(1415994657.679:152): apparmor="DENIED"
operation="mknod"
profile="libvirt-2fd2ec54-f644-228e-08ba-297c8b304153"
name="/home/dave/vm1.agent" pid=21856 comm="qemu-system-x86"
requested_mask="c" denied_mask="c" fsuid=112 ouid=112
I can add a line to /etc/apparmor.d/abstractions/libvirt-qemu similar to:
owner /home/dave/vm1.agent rw,
After restarting apparmor, this gets rid of the apparmor complaint, but I
still get the same error from 'virsh create vm1.xml' when trying to
create
the VM.
Any suggestions for how to fix this?
Thanks,
~Dave
Apparently Analagous Threads
- [Bug 103689] New: there is an exploitable page fault that can be reliably triggered from the chromium sandbox can possibly lead to remote attackers causing a denial of service condition or possibly running system code.
- Debian Buster, bind_dlz, and apparmor
- Workstations cannot update DNS
- Workstations cannot update DNS
- bind9 won't run
Wisdom of the Ancients
