Hi, On Wed, Aug 19, 2015 at 04:53:32PM +0100, Adam D. Barratt wrote: > I have to admit that I'm also confused by the patch for #786650: > > On Wed, 2015-08-19 at 13:22 +0200, Guido Günther wrote: > > +Subject: Allow access to libnl-3 config files > [...] > ++ /etc/libnl-3/classid r, > ++ > > That seems to make sense... > > + # for hostdev > + /sys/devices/ r, > + /sys/devices/** r, > ++ deny /dev/sd* r, > ++ deny /dev/vd* r, > ++ deny /dev/dm-* r, > ++ deny /dev/mapper/ r, > ++ deny /dev/mapper/* r, > > ... these not so much.
According to Felix (cc:) these are only here to silence some denials filling the logs otherwise. So they cause not harm but are not mentioned in the changelog. I could fix that up before an upload. Cheers, -- Guido