Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
H
H
HighMan2020-02-14 23:50:31
Debian
HighMan, 2020-02-14 23:50:31

/sys/kernel/apparmor/profiles debian wonders?

Hello comrades!
qemu-kvm, libvirtd, virsh, virt-manager are installed and even running on the computer
Very strange behavior of libvirt (virsh).
Run as user (added to libvirt group)
virsh list --all
Empty output. It's like virtual machines don't exist.
We execute under root and virtual machines appear.
Also, from the user, empty output virsh net-list --all, etc.
in syslog

libvirtd[3365]: Failed to open file '/sys/kernel/security/apparmor/profiles': Permission denied
libvirtd[3365]: Failed to read AppArmor profiles list '/sys/kernel/security/apparmor/profiles': Permission denied

We go along the specified path from root. The profiles file opens fine and has 0444 attributes. akromya root, EVERYONE can read!
We try to open the same file from the user. Fuck bald!
/sys/kernel/security/apparmor$ cat profiles
cat: profiles: Отказано в доступе

Any perversions with access attributes give nothing. The user's file does not open.
From root everything is displayed correctly.
virt-manager works as a user and sees everything perfectly.
How to overcome this nonsense? I understand that you can work with virsh through sudo, or, in general, su -
But I would like to be human.

PS Oh yes! Host system Debian 10.3. It seems that they came across something similar in Ubuntu.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
H
HighMan, 2020-02-15
@HighMan

I remembered something ... I
run it as a user

virsh -c qemu:///system list --all
 Id   Name       State
---------------------------
 -    centos   shut off
 -    win7      shut off

Everything works fine!
It remains to figure out what needs to be done so as not to write "-c qemu:///system" :)
editing /etc/libvirt/libvirt.conf, unfortunately, did not give anything.
You can use alias!
alias virsh=virsh -c qemu:///system
Well, in order not to drive in Alice again every boot, you need to register it in ~/.bashrc
.
alias virsh='virsh -c qemu:///system'
That's right.
Well, so that you don’t have to alias with each load:
echo "alias virsh='virsh -c qemu:///system'" >> ~/.bashrc

Report
S
Sergey, 2020-02-18
@gskm

It is possible to define environment variables $VIRSH_DEFAULT_CONNECT_URI or $LIBVIRT_DEFAULT_URI with the value qemu:///system
Uncommenting uri_default = "qemu:///system" in /etc/libvirt/libvirt.conf did not help?

Similar questions
D
DVoropaev2018-08-10 16:45:40
Is my Linux on LSD, or why does it take weird screenshots? 1Reply
I
Igor L2021-10-31 18:52:51
How to fix php mysql errors? 2Reply
K
Kostya007232016-03-26 22:35:31
How to send a shell command to another server using PHP? 2Reply
I
IliaBrz2018-08-18 01:06:43
How to fix VSFTPD? 4Reply
S
speedvm2018-08-19 14:58:07
Debian installation automation? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question