From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=protonmail.com
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=protonmail.com header.i=@protonmail.com header.a=rsa-sha256 header.s=protonmail3 header.b=qLL2IjDO;
	dkim-atps=neutral
Received: from mail-10696.protonmail.ch (mail-10696.protonmail.ch [79.135.106.96])
	by passt.top (Postfix) with ESMTPS id 63B6E5A0276
	for <passt-dev@passt.top>; Wed, 19 Feb 2025 07:31:57 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com;
	s=protonmail3; t=1739946716; x=1740205916;
	bh=lgnlsvnTjyQs4cRxP6hZtCtLvhIrDhGhk+ZVPQ6pS70=;
	h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References:
	 Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID:
	 Message-ID:BIMI-Selector:List-Unsubscribe:List-Unsubscribe-Post;
	b=qLL2IjDODRs2EExzNDhd+jrK00rkY+XNMUy4ierq+nALjlhf0ijcXD9YZ8C+1T6X3
	 Z6K/OAuQWWUB+dDGI5g6x0OuhTa2pw1+91HoklFwP7MNYqNJDdAklupfUVHFSHQCIm
	 plXEQ0P80fToX7G/+4FlyrOW2q2BP3A7TZj57wcn8st/4lm9n/Mb+FXUCY617eKW8C
	 a93Z6sgtY8TxuFjW0QzYvuiIwsmkN22XWGF78gQ3NZUH5NMxO8q400+VFgg62+/3bL
	 AtRU6C73fMd/dzjjiYhrG90sHmSlukQEIYFBTnnlciXxLyOlLTUQ1M7K3KWaBggw5D
	 Gamiz3zr8cTDQ==
Date: Wed, 19 Feb 2025 06:31:49 +0000
To: Stefano Brivio <sbrivio@redhat.com>
From: Prafulla Giri <prafulla.giri@protonmail.com>
Subject: Re: Apparmor (and other) Issues
Message-ID: <qIxgv09q-IkQS32-MDqNap8e-mTFn0Jo14ftldWYhcTe8Lw8_CmRR9olLcjnZqty_NJQrmVsT-ouh9rTJN3cNqrV5DQo9PQGPt-tFMoim0o=@protonmail.com>
In-Reply-To: <20250217083741.41343ded@elisabeth>
References: <NNMPy6qrSrpU0VFxOsd8tUnJFDsz_Ychl7WAxOB1aYfyRCjzTG4uzNEGZLkHUa_NnxCEAL_X1lhnySdZ_1i2ZMxuVK0zDHa-YLex3O5fhRw=@protonmail.com> <t4Q_AOLf7PMtjbFhRT3BxgqrXnYgjLWspa4QmF0qYhJVBv1Ii9Ab-QXjz67Ox8mMDfb3KccGtG8Z70roOVrG5G97j8AdT5WQeP7q7ZyvQzk=@protonmail.com> <20250205111651.59551470@elisabeth> <dTvRE8XP9qGztL_dwmVKzvWmc021gPPE5k2L-LxyAcxKx5VnBddUsYuCfHMa6uyJxxjxRPsW41v6HfnNgMsz4WehE7GZNPBhVu8px3OEbDU=@protonmail.com> <20250207101631.0875e141@elisabeth> <GUPj_CFpqQVnV8mYKnh-ikkB3UyAlA9aQ9-GjY8O2a4r9n1zpqkZFRpl7_VaLKCZtpXjaae8zEcyeVrtBTYTcsMi0w-7JgITsNQ7mDwnY7g=@protonmail.com> <20250209100848.4e5c39de@elisabeth> <qeQIp0OQcgUo6rgH5w8NAa_1SiLeNDYqAIpAuq9zoEOO1m2KoEHne4afdC2xHlKK_680-I1k0imAzvHlzru2RFWRbYfrhyB6YxEE0AKpW-I=@protonmail.com> <20250217083741.41343ded@elisabeth>
Feedback-ID: 33818994:user:proton
X-Pm-Message-ID: 2b206f5aaadaf19f107f7a4d54ce141f1debf508
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: DUTURYP2HWBXKSJ4CVDUIVOTUKRMDDPE
X-Message-ID-Hash: DUTURYP2HWBXKSJ4CVDUIVOTUKRMDDPE
X-MailFrom: prafulla.giri@protonmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Andrea Bolognani <abologna@redhat.com>, "passt-dev@passt.top" <passt-dev@passt.top>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/qIxgv09q-IkQS32-MDqNap8e-mTFn0Jo14ftldWYhcTe8Lw8_CmRR9olLcjnZqty_NJQrmVsT-ouh9rTJN3cNqrV5DQo9PQGPt-tFMoim0o=@protonmail.com/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/DUTURYP2HWBXKSJ4CVDUIVOTUKRMDDPE/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


On Monday, February 17th, 2025 at 1:22 PM, Stefano Brivio <sbrivio@redhat.c=
om> wrote:

>=20
> You mean 'passt', and:
>=20
Strangely enough, I did mean pasta: that's the one that gives a shell. pass=
t only creates namespace thingy. I thought pasta used passt underneath and =
that is why changes to passt was visible by testing pasta. Am I doing somet=
hing wrong?

>=20
> https://salsa.debian.org/sbrivio/passt/-/commit/5bb812e79143670a57440cd8a=
a7f2979583c5a0a
>=20
> might explain it. You need to create hard links ('make install' doesn't
> do that) to associate different AppArmor profiles.
>=20
> In any case, I'm releasing (and packaging) a new version with the
> AppArmor workaround today.
>=20
I just checked on Debian Sid and I can confirm that everything is working a=
s expected. Thank you very much for your hard work. As I understand it, a b=
etter Apparmor fix is being discussed with other maintainers in the meantim=
e. But as things stand right now, Debian users ought to be able to use pass=
t with libvirt, as expected.

In the meantime, I have noticed another error and want to ask where I ought=
 to report it: If a VM isn't able to run, passt configs aren't cleared. I j=
ust had a VM not start because of permission errors (I resolved it), but tr=
ying to restart the VM threw a passt error saying the port being forwarded =
was already in use (a remnant of previous run that failed). I'll have to co=
me up with a way to make this reproducible, of course. But it seems that on=
 unclean exits, passt isn't being allowed to clean things up (destroy the c=
reated namespace, stop the port-forwards, etc.) Perhaps I ought to report t=
his on libvirt side? I encountered this error through virt-manager. Perhaps=
 I should test with virsh as well.