Thanks a lot Brian!
The denies for /sys/devices will be covered by my recent upstream commit
which is a bit less "open" :-)
This is stuff we really need to add:
/usr/share/egl/egl_external_platform.d/ r,
/usr/share/egl/egl_external_platform.d/** r,
/proc/modules r,
Less open than you suggested but should work, I recently added upstream:
/etc/glvnd/egl_vendor.d/{,*} r,
which together with the rule above should be fine.
Note, all that is only done if GL is enabled which makes it rather
secure to not open it up in general.
The following rules you added in your test, but I haven't seen the apparmor
DENIED examples in any of the logs.
Would you mind running it without those rules and provide those deny example
logs for:
/proc/driver/nvidia/ r,
/proc/driver/nvidia/** r,
/dev/nvidiactl rw,
Once I have that I can push a change online extending what I did for
i915 with what you identified.
Once we have that I can do an upload to Disco with all of it and we can
give it a retry with all the platforms that we have.
** Changed in: libvirt (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1817943
Title:
OpenGL accel dev work doesn't work on nvidia card
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1817943/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
