You are not logged in.
Hello to everyone!
Recently trying to enable apparmor security driver in libvirt for qemu, show a very confusing error:
Jan 30 11:54:52 illuminati libvirtd[30270]: unsupported configuration: Security driver apparmor not enabled
Jan 30 11:54:52 illuminati libvirtd[30270]: internal error: Failed to initialize security drivers
Jan 30 11:54:52 illuminati libvirtd[30270]: Initialization of QEMU state driver failed: internal error: Failed to initialize security drivers
Jan 30 11:54:52 illuminati libvirtd[30270]: Driver state initialization failed
Jan 30 11:54:52 illuminati systemd[1]: libvirtd.service: Succeeded.The libvirt package I used was the one from ABS with just a modification to the pkgbuild in the configure command:
build() {
cd "${srcdir}/${pkgname}-${pkgver}"
export PYTHON=$(command -v python)
export LDFLAGS=-lX11
export RADVD=/usr/bin/radvd
[ -f Makefile ] || ZFS=/usr/bin/zfs ZPOOL=/usr/bin/zpool ./configure \
--prefix=/usr \
--libexec=/usr/lib/"${pkgname}" \
--sbindir=/usr/bin \
--disable-static \
--with-init-script=systemd \
--with-qemu \
--with-qemu-user=nobody \
--with-qemu-group=kvm \
--without-hal \
--with-interface \
--with-lxc \
--with-netcf \
--with-udev \
--with-storage-disk \
--with-storage-gluster \
--with-storage-iscsi \
--with-storage-lvm \
--with-storage-zfs \
--with-apparmor-profiles
make
}Although the output of ./configure command show that apparnor was detected and the driver enabled, libvirt still use the none secdriver option
configure output: https://pastebin.com/ZrFF84z1\
virsh output:
<host>
<cpu>
<arch>x86_64</arch>
<model>Skylake-Client-IBRS</model>
<vendor>Intel</vendor>
<microcode version='198'/>
<topology sockets='1' cores='4' threads='1'/>
<feature name='ds'/>
<feature name='acpi'/>
<feature name='ss'/>
<feature name='ht'/>
<feature name='tm'/>
<feature name='pbe'/>
<feature name='dtes64'/>
<feature name='monitor'/>
<feature name='ds_cpl'/>
<feature name='vmx'/>
<feature name='est'/>
<feature name='tm2'/>
<feature name='xtpr'/>
<feature name='pdcm'/>
<feature name='osxsave'/>
<feature name='tsc_adjust'/>
<feature name='clflushopt'/>
<feature name='intel-pt'/>
<feature name='stibp'/>
<feature name='ssbd'/>
<feature name='xsaves'/>
<feature name='pdpe1gb'/>
<feature name='invtsc'/>
<pages unit='KiB' size='4'/>
<pages unit='KiB' size='2048'/>
<pages unit='KiB' size='1048576'/>
</cpu>
<power_management>
<suspend_mem/>
<suspend_disk/>
<suspend_hybrid/>
</power_management>
<iommu support='yes'/>
<migration_features>
<live/>
<uri_transports>
<uri_transport>tcp</uri_transport>
<uri_transport>rdma</uri_transport>
</uri_transports>
</migration_features>
<topology>
<cells num='1'>
<cell id='0'>
<memory unit='KiB'>16356332</memory>
<pages unit='KiB' size='4'>3807483</pages>
<pages unit='KiB' size='2048'>550</pages>
<pages unit='KiB' size='1048576'>0</pages>
<distances>
<sibling id='0' value='10'/>
</distances>
<cpus num='4'>
<cpu id='0' socket_id='0' core_id='0' siblings='0'/>
<cpu id='1' socket_id='0' core_id='1' siblings='1'/>
<cpu id='2' socket_id='0' core_id='2' siblings='2'/>
<cpu id='3' socket_id='0' core_id='3' siblings='3'/>
</cpus>
</cell>
</cells>
</topology>
<cache>
<bank id='0' level='3' type='both' size='6' unit='MiB' cpus='0-3'/>
</cache>
<secmodel>
<model>none</model>
<doi>0</doi>
</secmodel>
</host>Maybe I'm doing something wrong?
Regards.
Offline
Hey bro, I'm having a similar problem, can you please solve it?
Offline