Hi, Guido Günther wrote (21 Aug 2015 13:33:50 GMT) : > On Fri, Aug 21, 2015 at 11:12:33AM +0200, intrigeri wrote: >> The path I would prefer is: submit an updated debdiff that does not >> contain these bonus "deny" rules. I could prepare it if we agree on >> that, assuming the current state of this stable pu is in Vcs-Git. >> >> But if someone else disagrees and prefers to argue in favour of >> including these changes in the stable pu, feel free to do so :)
> I'm fine with this as well. The debian/jessie branch on alioth is up to > date. The attached patches, applied on top of debian/jessie, modify 1.2.9-9+deb8u1 as discussed (I don't have commit rights to the Vcs-Git, so I'll let Guido apply them). Once the Git repo is up-to-date, I'll send an updated debdiff to the release team. Cheers, -- intrigeri
>From c852ab76bbc21f49e16efaf49f916ccccc39b69f Mon Sep 17 00:00:00 2001 From: intrigeri <[email protected]> Date: Mon, 24 Aug 2015 09:05:39 +0000 Subject: [PATCH 1/2] Allow-access-to-libnl-3-config-files.patch: revert changes that are unrelated to the bug this patch is meant to fix. These bonus changes should be harmless, but it's not obvious that they qualify for a stable update. --- .../patches/Allow-access-to-libnl-3-config-files.patch | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/debian/patches/Allow-access-to-libnl-3-config-files.patch b/debian/patches/Allow-access-to-libnl-3-config-files.patch index 6932e41..58043a6 100644 --- a/debian/patches/Allow-access-to-libnl-3-config-files.patch +++ b/debian/patches/Allow-access-to-libnl-3-config-files.patch @@ -4,14 +4,14 @@ Subject: Allow access to libnl-3 config files Closes: #786650 --- - examples/apparmor/usr.lib.libvirt.virt-aa-helper | 7 +++++++ - 1 file changed, 7 insertions(+) + examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 ++ + 1 file changed, 2 insertions(+) diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper -index bceaaff..60739d0 100644 +index bceaaff..a3c9938 100644 --- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper +++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper -@@ -16,9 +16,16 @@ +@@ -16,6 +16,8 @@ owner @{PROC}/[0-9]*/status r, @{PROC}/filesystems r, @@ -20,11 +20,3 @@ index bceaaff..60739d0 100644 # for hostdev /sys/devices/ r, /sys/devices/** r, -+ deny /dev/sd* r, -+ deny /dev/vd* r, -+ deny /dev/dm-* r, -+ deny /dev/mapper/ r, -+ deny /dev/mapper/* r, - - /usr/lib/libvirt/virt-aa-helper mr, - /sbin/apparmor_parser Ux, -- 2.5.0
>From 9219fe45e161e495432ebe9fad0db3b21a788561 Mon Sep 17 00:00:00 2001 From: intrigeri <[email protected]> Date: Mon, 24 Aug 2015 09:08:28 +0000 Subject: [PATCH 2/2] Document more changes for 1.2.9-9+deb8u1. --- debian/changelog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/debian/changelog b/debian/changelog index 5c79c12..36eabe4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -13,6 +13,10 @@ libvirt (1.2.9-9+deb8u1) jessie; urgency=medium [ Felix Geyer ] * [9fb6c59] Allow access to libnl-3 configuration (Closes: #786652) + [ intrigeri ] + * Allow-access-to-libnl-3-config-files.patch: revert changes that are + unrelated to the bug this patch is meant to fix. + [ Daniel P. Berrange ] * [afae69a] Report original error when QMP probing fails with new QEMU (Closes: #780093) -- 2.5.0
