[BUG] Permissions of libvirt-qemu not working correctly on Ubuntu 22.04 #6

Open
mh4ck-Thales opened this issue Apr 21, 2023 · 0 comments
Labels
bug Something isn't working

Describe the bug

When trying to make freyja work on a fresh install of Ubuntu 22.04, there are issues with libvirt-qemu permissions.
When trying to create a machine:
freyja output:

hypervisor115@hypervisor115:~/freyja-cylons-examples$ freyja machine create -c ./ubuntu/ubuntu22.04/freyja-ubuntu22.04-example.yaml 
[INFO] Create hosts
[INFO] Configure host ubuntu22.04-test
[INFO] Create host ubuntu22.04-test
WARNING  /home/hypervisor115/freyja-workspace/build/ubuntu22.04-test/ubuntu22.04-test_vdisk.img may not be accessible by the hypervisor. You will need to grant the 'libvirt-qemu' user search permissions for the following directories: ['/home/hypervisor115']
WARNING  /home/hypervisor115/freyja-workspace/build/ubuntu22.04-test/ubuntu22.04-test_cloud_init.iso may not be accessible by the hypervisor. You will need to grant the 'libvirt-qemu' user search permissions for the following directories: ['/home/hypervisor115']

Starting install...
Creating domain...                                          |    0 B  00:00     
Domain creation completed.

journalctl output:

Feb 22 10:29:24 hypervisor115 polkitd(authority=local)[20285]: Registered Authentication Agent for unix-process:84603:5032396 (system bus name :1.254 [/usr/bin/pkttyagent --process 84603 --notify-fd 4 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Feb 22 10:29:24 hypervisor115 polkitd(authority=local)[20285]: Unregistered Authentication Agent for unix-process:84603:5032396 (system bus name :1.254, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
Feb 22 10:29:24 hypervisor115 polkitd(authority=local)[20285]: Registered Authentication Agent for unix-process:84609:5032403 (system bus name :1.255 [/usr/bin/pkttyagent --process 84609 --notify-fd 4 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Feb 22 10:29:24 hypervisor115 polkitd(authority=local)[20285]: Unregistered Authentication Agent for unix-process:84609:5032403 (system bus name :1.255, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
Feb 22 10:29:24 hypervisor115 libvirtd[81650]: operation failed: network 'ctrl-plane' already exists with uuid 16d2b3ca-77ba-496c-aeac-c0e56f655496
Feb 22 10:29:24 hypervisor115 polkitd(authority=local)[20285]: Registered Authentication Agent for unix-process:84615:5032407 (system bus name :1.256 [/usr/bin/pkttyagent --process 84615 --notify-fd 4 --fallback], object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Feb 22 10:29:24 hypervisor115 polkitd(authority=local)[20285]: Unregistered Authentication Agent for unix-process:84615:5032407 (system bus name :1.256, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
Feb 22 10:29:25 hypervisor115 audit[84643]: AVC apparmor="STATUS" operation="profile_load" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84643 comm="apparmor_parser"
Feb 22 10:29:25 hypervisor115 kernel: audit: type=1400 audit(1677061765.579:265): apparmor="STATUS" operation="profile_load" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84643 comm="apparmor_parser"
Feb 22 10:29:25 hypervisor115 audit[84646]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84646 comm="apparmor_parser"
Feb 22 10:29:25 hypervisor115 kernel: audit: type=1400 audit(1677061765.795:266): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84646 comm="apparmor_parser"
Feb 22 10:29:26 hypervisor115 audit[84650]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84650 comm="apparmor_parser"
Feb 22 10:29:26 hypervisor115 kernel: audit: type=1400 audit(1677061766.011:267): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84650 comm="apparmor_parser"
Feb 22 10:29:26 hypervisor115 audit[84654]: AVC apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84654 comm="apparmor_parser"
Feb 22 10:29:26 hypervisor115 kernel: audit: type=1400 audit(1677061766.199:268): apparmor="STATUS" operation="profile_replace" info="same as current profile, skipping" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84654 comm="apparmor_parser"
Feb 22 10:29:26 hypervisor115 networkd-dispatcher[1305]: WARNING:Unknown index 19 seen, reloading interface list
Feb 22 10:29:26 hypervisor115 systemd-networkd[1267]: vnet4: Link UP
Feb 22 10:29:26 hypervisor115 systemd-networkd[1267]: vnet4: Gained carrier
Feb 22 10:29:26 hypervisor115 systemd-udevd[84660]: Using default interface naming scheme 'v249'.
Feb 22 10:29:26 hypervisor115 kernel: br-ctrl-plane: port 2(vnet4) entered blocking state
Feb 22 10:29:26 hypervisor115 kernel: br-ctrl-plane: port 2(vnet4) entered disabled state
Feb 22 10:29:26 hypervisor115 kernel: device vnet4 entered promiscuous mode
Feb 22 10:29:26 hypervisor115 kernel: br-ctrl-plane: port 2(vnet4) entered blocking state
Feb 22 10:29:26 hypervisor115 audit[84670]: AVC apparmor="STATUS" operation="profile_replace" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84670 comm="apparmor_parser"
Feb 22 10:29:26 hypervisor115 kernel: audit: type=1400 audit(1677061766.443:269): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="libvirt-7348a4d8-9265-495e-b829-9900891a8a05" pid=84670 comm="apparmor_parser"
Feb 22 10:29:26 hypervisor115 systemd-machined[1314]: New machine qemu-25-ubuntu22.04-test.
░░ Subject: A virtual machine or container has been started
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░                                     
░░ The virtual machine qemu-25-ubuntu22.04-test with its leader PID 84672 has been
░░ started is now ready to use.
Feb 22 10:29:26 hypervisor115 systemd[1]: Started Virtual Machine qemu-25-ubuntu22.04-test.
░░ Subject: A start job for unit machine-qemu\x2d25\x2dubuntu22.04\x2dtest.scope has finished successfully
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░                                     
░░ A start job for unit machine-qemu\x2d25\x2dubuntu22.04\x2dtest.scope has finished successfully.
░░                                     
░░ The job identifier is 6976.
Feb 22 10:29:27 hypervisor115 systemd-timesyncd[1259]: Timed out waiting for reply from 91.189.94.4:123 (ntp.ubuntu.com).
Feb 22 10:29:27 hypervisor115 systemd-networkd[1267]: vnet4: Gained IPv6LL
Feb 22 10:29:30 hypervisor115 kernel: br-ctrl-plane: port 2(vnet4) entered learning state
Feb 22 10:29:34 hypervisor115 kernel: br-ctrl-plane: port 2(vnet4) entered forwarding state
Feb 22 10:29:34 hypervisor115 kernel: br-ctrl-plane: topology change detected, sending tcn bpdu
Feb 22 10:29:37 hypervisor115 systemd-timesyncd[1259]: Timed out waiting for reply from 185.125.190.56:123 (ntp.ubuntu.com).
Feb 22 10:29:47 hypervisor115 systemd-timesyncd[1259]: Timed out waiting for reply from 91.189.91.157:123 (ntp.ubuntu.com).

To Reproduce
Steps to reproduce the behavior:
Try to create a freyja machine on Ubuntu 22.04 and notice the bug.

Expected behavior

There are no warnings about permissions when creating the machine.

Desktop (please complete the following information):

  • OS: Ubuntu 22
  • Version: latest

Additional context

Potential solutions:

If found in the user triplet, it sets the setuid bit. If found in the group triplet, it sets the setgid bit. It also means that the x flag is set. When the setgid flag is set on a directory, new files created within it inherit the directory's group ID (GID) instead of the primary group ID of the user who created the file.
setuid has no effect on directories.

@mh4ck-Thales mh4ck-Thales added the bug Something isn't working label Apr 21, 2023
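
The warning in the freyja output above comes down to the search (x) bit on every directory above the disk image. As an added example (not part of the issue and not freyja or libvirt code), this script lists the ancestor directories that a given uid and group set cannot traverse, judged from mode bits only; the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example. Needs GNU stat and realpath (coreutils, as on Ubuntu).
# Only owner/group/other mode bits are evaluated; POSIX ACLs are not.

# can_search DIR UID "GID ..." -> status 0 if that identity has the x bit on DIR
can_search() {
    st=$(stat -c '%a %u %g' "$1") || return 2
    want_uid=$2 want_gids=$3
    set -- $st
    perms=$(printf '%03d' "$(($1 % 1000))")   # drop setuid/setgid/sticky digit
    if [ "$want_uid" = "$2" ]; then
        digit=${perms%??}                      # owner triplet applies
    else
        digit=${perms#??}                      # default: other triplet
        for g in $want_gids; do
            if [ "$g" = "$3" ]; then           # group triplet applies
                digit=${perms#?}; digit=${digit%?}
                break
            fi
        done
    fi
    [ $((digit % 2)) -eq 1 ]                   # x is the lowest bit of the triplet
}

# blocked_dirs FILE UID "GID ..." -> prints each ancestor of FILE lacking x
blocked_dirs() {
    cur=$(dirname -- "$(realpath -- "$1")") || return 2
    while :; do
        can_search "$cur" "$2" "$3" || printf '%s\n' "$cur"
        if [ "$cur" = / ]; then break; fi
        cur=$(dirname -- "$cur")
    done
}

# Stand-alone use: ./script FILE [USER]   (USER defaults to libvirt-qemu)
if [ "$#" -ge 1 ]; then
    user=${2:-libvirt-qemu}
    blocked_dirs "$1" "$(id -u "$user")" "$(id -G "$user")"
fi

# A narrow grant for a directory the script reports (acl package required):
#   setfacl -m u:libvirt-qemu:x /home/hypervisor115
# gives search permission to that one user, where chmod o+x gives it to everyone.
# An ACL grant does not show up in the mode-bit check above; confirm with getfacl.
```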