I see your point. I did a quick research and it seems to be a limitation on virt-aa-helper:

root@orpiske:/etc/libvirt/qemu# cat ubuntu_12_04\ with\ spaces.xml | /usr/lib/libvirt/virt-aa-helper -d -p 0 -r -u libvirt-61d77fad-bb1f-49fa-93e1-2b70a5cb8f4c ; echo $?
virt-aa-helper: error: bad name
virt-aa-helper: error: could not get VM definition
1

Whereas, this works:

root@orpiske:/etc/libvirt/qemu# cat ubuntu_12_04.xml | /usr/lib/libvirt/virt-aa-helper -d -p 0 -r -u libvirt-d020c07a-b8d5-40f3-b02b-3df5ed6d06b3 ; echo $?
virt-aa-helper:
/etc/apparmor.d/libvirt/libvirt-d020c07a-b8d5-40f3-b02b-3df5ed6d06b3.files
virt-aa-helper:
"/var/log/libvirt/**/ubuntu_12_04.log" w,
"/var/lib/libvirt/**/ubuntu_12_04.monitor" rw,
"/var/run/libvirt/**/ubuntu_12_04.pid" rwk,
"/run/libvirt/**/ubuntu_12_04.pid" rwk,
"/var/run/libvirt/**/*.tunnelmigrate.dest.ubuntu_12_04" rw,
"/run/libvirt/**/*.tunnelmigrate.dest.ubuntu_12_04" rw,
"/var/lib/libvirt/images/d020c07a-b8d5-40f3-b02b-3df5ed6d06b3-0.img" rw,
"/home/orpiske/vms/isos/ubuntu-12.04.3-desktop-i386.iso" r,
# don't audit writes to readonly files
deny "/home/orpiske/vms/isos/ubuntu-12.04.3-desktop-i386.iso" w,

0

I decided to dig further and I took a look at virt-aa-helper source code and it does, indeed, check if the name does not contain spaces (as well as one of /, [, ] and *). Because of that, it seems that it's unable to load/recreate (?) the profile.

Does it make sense to you? And, if yes, what would you suggest as an appropriate work-around in this case?

On Thu, Jan 23, 2014 at 5:48 PM, Aline Manera <alinefm@linux.vnet.ibm.com> wrote:

On 01/22/2014 07:19 PM, Crístian Viana wrote:

As I added to the GitHub issue page (https://github.com/kimchi-project/kimchi/issues/306#issuecomment-33068988), I don't think having a space in a VM's name is a problem. I am able to create a VM named "hello world" using Kimchi and virsh.

We should not add a limitation like this one to Kimchi (i.e. restricting the VM name) if there's not a real reason to.

Agree.

Seems this problem is on a deeper layer.
In a quick search on the internet I found a lot of forums related to "libvirtError: internal error cannot load AppArmor profile"
We need to investigate more to find the root cause.

Am 22-01-2014 19:01, schrieb Otavio R. Piske:

From: "Otavio R. Piske" <angusyoung@gmail.com>

Kimchi fails to start the guest OS if the user names it with spaces. As pointed in the issue #306, other VM management interfaces prevent the user from creating a guest OS if the name contain invalid characters.

This patch adds a validation logic that prevents the user from naming a Guest OS with anything other than alphanumeric chars, '-', '.' or '_'.

Signed-off-by: Otavio R. Piske <angusyoung@gmail.com>

_______________________________________________
Kimchi-devel mailing list
Kimchi-devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/kimchi-devel

--
Otavio R. Piske
http://orpiske.net