Create Virtual Machine using libvirt error related to AppArmor

Question

I am trying to create a virtual machine using libvirt using the command:

virsh create file

Contents of "file":

<domain type='qemu' id='3'>
        <name>testvm</name>
        <memory>100</memory>
        <vcpu>1</vcpu>
        <os>
                <type arch='i686'>hvm</type>
        </os>
        <devices>
                <disk type='file' device='disk'>
                        <source file='/libtmp/VM-linux.0.2.img'/>
                        <target dev='hdc'/>
                </disk>
        </devices>
        <on_reboot>restart</on_reboot>
        <on_poweroff>preserve</on_poweroff>
        <on_crash>restart</on_crash>
</domain>

Here is error which occur.

error: Failed to create domain from file
error: internal error cannot load AppArmor profile 'libvirt-9cb01efc-ed3b-ff8e-4de5-7227d311dd15'

I am able to create the vm without loading the image file.

Everytime the profile name keeps on changing. I tried stopping it and creating the vm but I got the same error.

Any pointers will be very helpful.

Answer 1

This is a bug in libvirt. See https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/665531

Edit the xml definition of the virtual domain with "virsh edit domainname" command. Replace type='host_device' with type='raw' in the xml definition.

Answer 2

I had the same problem and the reason was that I had a bad idea to place readonly cdrom image to /etc like this:

<disk type="file" device="cdrom">
  <driver name='qemu' type="raw" />
  <source file="/etc/libvirt/qemu/cdrom.iso" />
  <target dev='hdb' bus='virtio'/>
  <readonly/>
</disk>

Moving to /var removed the error message and allowed to start the virtual machine. This line:

<source file="/var/lib/libvirt/images/cdrom.iso" />

Answer 3

This is a work around but not the correct way. Set AppArmor to complain mode using following command:

sudo aa-complain /usr/sbin/libvirtd