Wow, thanks so much for the archaeology, Christian. That removal commit explains so much.
I prefer (b) for this case: - fewer moving pieces in the change is more likely to be reliable - adding abstractions/nameservice to a profile that didn't already have it is a fairly large increase in permissions - if the code in question is going to be gone in ten years, 'planning for the future' is much less important - apparently this functionality isn't widely used in Focal, otherwise we would have seen more than this. It's a bit strange to come to a different conclusion the next day; I could probably be talked into (a) if someone else feels strongly about it. But the simpler approach is my preference now. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890858 Title: AppArmor profile causes QEMU/KVM - Not Connected To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1890858/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
