libvirt - Problem with encrypted QEMU-VM after upgrade to buster

To: debian-user@lists.debian.org
Subject: libvirt - Problem with encrypted QEMU-VM after upgrade to buster
From: Dominik <dr896543@gmail.com>
Date: Mon, 8 Jul 2019 13:40:44 +0200
Message-id: <[🔎] da625846-72ca-2be3-f6ef-6ebae9b0d346@gmail.com>

After upgrading to busters, my VMs fail to start:

 virsh --connect qemu:///system start Feigenbaum
error: Failed to start domain Feigenbaum

error: internal error: process exited while connecting to monitor:2019-07-08T11:32:00.290494Z qemu-system-x86_64: --objectsecret,id=sec0,file=/etc/libvirt/secret/Feigenbaum.secret: Unable toread /etc/libvirt/secret/Feigenbaum.secret: Failed to open file“/etc/libvirt/secret/Feigenbaum.secret”: Permission denied

The VMs are encrypted and /etc/libvirt/secret/ contains the key filesfor decryption.


I suspect apparmor to cause the problem, thus I extended the profile:

/etc/apparmor.d/usr.lib.libvirt.virt-aa-helper to include the followinglines:


  /etc/libvirt/secrets/** rw,
  /etc/libvirt/secrets/ r,

after parsing the profile with

sudo apparmor_parser -r /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper

The "premission denied" still occurs.

Reply to:

Prev by Date: Re: READY! Tomas Ukkonen: Genocide. SOS.
Next by Date: Re: [OT] send all email from certain From: addresses into a spam
Previous by thread: Re: READY! Tomas Ukkonen: Genocide. SOS.
Next by thread: buster changes vim mouse behavior again...
Index(es):
- Date
- Thread