Yes, so basically we have:
 - dnsmasq.pid (create + read/write by dnsmasq)
 - dnsmasq.raw (read by dnsmasq)
 - dnsmasq.hosts (read by dnsmasq)
 - dnsmasq.leases (create + read/write by dnsmasq)

I'd be tempted to just go with:

/var/lib/lxd/networks/*/dnsmasq.pid rw,
/var/lib/lxd/networks/*/dnsmasq.leases rw,
/var/lib/lxd/networks/*/dnsmasq.* r,

That should make things a bit more future proof should we add any more
dnsmasq related files in there.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1634199

Title:
  In 16.10, LXD won't work with enforced dsnmasq profile

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1634199/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to