Re: [libvirt] [PATCH 04/10] apparmor, virt-aa-helper: Allow access to libnl-3 config files

[Guido Günther]

On Mon, May 15, 2017 at 03:23:13PM +0200, Stefan Bader wrote:
> From: Felix Geyer 
> 
> Allow access to libnl-3 config files
> 
> Signed-off-by: Christian Ehrhardt 
> Signed-off-by: Stefan Bader 
> ---
>  examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper 
> b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
> index 4a8f197..ee53c2c 100644
> --- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
> +++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
> @@ -16,6 +16,8 @@ profile virt-aa-helper 
> /usr/{lib,lib64}/libvirt/virt-aa-helper {
>owner @{PROC}/[0-9]*/status r,
>@{PROC}/filesystems r,
>  
> +  /etc/libnl-3/classid r,
> +
># for hostdev
>/sys/devices/ r,
>/sys/devices/** r,
> -- 

ACK (shipped in a similar form in Debian already).
Cheers,
 -- Guido

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH 04/10] apparmor, virt-aa-helper: Allow access to libnl-3 config files

[Stefan Bader]

From: Felix Geyer 

Allow access to libnl-3 config files

Signed-off-by: Christian Ehrhardt 
Signed-off-by: Stefan Bader 
---
 examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper 
b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
index 4a8f197..ee53c2c 100644
--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
@@ -16,6 +16,8 @@ profile virt-aa-helper 
/usr/{lib,lib64}/libvirt/virt-aa-helper {
   owner @{PROC}/[0-9]*/status r,
   @{PROC}/filesystems r,
 
+  /etc/libnl-3/classid r,
+
   # for hostdev
   /sys/devices/ r,
   /sys/devices/** r,
-- 
2.7.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list