Hi. I upgraded one of my servers to Ubuntu 20.04. Since then domains
won't shutdown. They are in the "in shutdown" state.
I googled around and I found it is probably because of apparmor.
I see this message in the logs:
kernel: [740222.848210] audit: type=1400 audit(1606983397.013:338):
apparmor="DENIED" operation="signal"
profile="libvirt-a2c1456f-3371-49eb-9fa4-f8576ca4e878" pid=2375
comm="libvirtd" requested_mask="receive"
denied_mask="receive" signal=term
peer="libvirtd"
I tried to run this but it does nothing:
aa-complain /usr/sbin/libvirtd
The only solution I found was to run aa-disable to the machine id
so it can be shut down.
I found some similar issues but I can't figure out what I have to tweak
in the apparmor files. If you can point me to some doc may be I skipped
I will or any solution I would appreciate it.
This is
- Ubuntu 20.04
- libvirt 6.0.0-0
- qemu-kvm 1:4.2-3
Thank you very much.
On 12/3/20 4:42 AM, Francesc Guasch wrote:> Hi. I upgraded one of my servers to Ubuntu 20.04. Since then domains > won't shutdown. They are in the "in shutdown" state. > > I googled around and I found it is probably because of apparmor. > > I see this message in the logs: > > kernel: [740222.848210] audit: type=1400 audit(1606983397.013:338): > apparmor="DENIED" operation="signal" > profile="libvirt-a2c1456f-3371-49eb-9fa4-f8576ca4e878" pid=2375 comm="libvirtd" > requested_mask="receive" denied_mask="receive" signal=term peer="libvirtd"Are you using lxc? I recently posted a patch allowing lxc domains to receive signals from libvirtd https://www.redhat.com/archives/libvir-list/2020-December/msg00187.html If you are using qemu, ensure the libvirt-qemu abstraction contains similar rules. They were introduced in libvirt 5.2.0, so your libvirt-qemu abstraction should already have them. Regards, Jim