我已经安装libvirt-daemon在完全更新的Ubuntu Server 18.04.1 LTS. 当尝试执行时libvirtd --listen,出现以下错误:
2018-08-24 21:03:18.641+0000: 2855: error : virFileReadAll:1420 : Failed to open file '/sys/kernel/security/apparmor/profiles': Permission denied
2018-08-24 21:03:18.641+0000: 2855: error : profile_status:100 : Failed to read AppArmor profiles list '/sys/kernel/security/apparmor/profiles': Permission denied
的输出sudo ls -l /sys/kernel/security/apparmor/profiles是:
-r--r--r-- 1 root root 0 Aug 24 13:21 /sys/kernel/security/apparmor/profiles
我的怀疑是 的权限/sys/kernel/security/apparmor/profiles应该是555. 这些错误似乎完全是由于权限配置错误造成的,因为sudo libvirtd --listen运行时没有错误。但是,我不想libvirtd在我的系统上以 root 权限运行。禁用apparmor也可能会消除该错误,但我也不想这样做。
那么我的问题是,这是配置错误吗?如果是,是配置错误libvirt还是配置错误apparmor?如果不是,这些错误的原因是什么?
从 Ubuntu 14.04 跳到 19.04,一切都很好,直到我开始收到错误消息,指出它无法在 \'tunables/global/\' 第 17 行打开 \'tunables/proc\':
\n\nerror: cannot perform the following tasks:\n- Setup snap "core" (7917) security profiles (cannot setup apparmor for snap "core": cannot create host snap-confine apparmor configuration: cannot reload snap-confine apparmor profile: cannot load apparmor profiles: exit status 1\napparmor_parser output:\nAppArmor parser error for /var/lib/snapd/apparmor/profiles/snap-confine.core.7917 in /etc/apparmor.d/tunables/global at line 17: Could not open \'tunables/proc\'\n)\n- Setup snap "core" (7917) security profiles (cannot create host snap-confine apparmor configuration: cannot reload snap-confine apparmor profile: cannot load …