Skip to content
Snippets Groups Projects
Commit aa77bd86 authored by Guido Günther's avatar Guido Günther
Browse files

Allow access to libnl-3 config files 

Closes: #786650
parent dd377163
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
debian/patches/Allow-access-to-libnl-3-config-files.patch 0 → 100644
+ 30
0
View file @ aa77bd86
From: Felix Geyer <fgeyer@debian.org>
Date: Sat, 13 Jun 2015 10:22:40 +0200
Subject: Allow access to libnl-3 config files
Closes: #786650
---
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
index b34fb35..89b95f6 100644
--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
@@ -16,9 +16,16 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
owner @{PROC}/[0-9]*/status r,
@{PROC}/filesystems r,
+ /etc/libnl-3/classid r,
+
# for hostdev
/sys/devices/ r,
/sys/devices/** r,
+ deny /dev/sd* r,
+ deny /dev/vd* r,
+ deny /dev/dm-* r,
+ deny /dev/mapper/ r,
+ deny /dev/mapper/* r,
/usr/{lib,lib64}/libvirt/virt-aa-helper mr,
/sbin/apparmor_parser Ux,
debian/patches/series
+ 1
0
View file @ aa77bd86
......@@ -11,3 +11,4 @@ Allow-xen-toolstack-to-find-it-s-binaries.patch
Skip-vircgrouptest.patch
debian/Debianize-virtlockd.patch
Use-upstreams-polkit-rule.patch
Allow-access-to-libnl-3-config-files.patch
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment