With Jamie Strandboge's help it should be restricted a bit more by
adding addr=none:
unix (send, receive) type=stream addr=none peer=(label=/usr/sbin/libvirtd),
On Tue, Feb 28, 2017 at 1:48 PM, Bryan Quigley
<bryan.quigley(a)canonical.com> wrote:
Also see Ubuntu bug
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1668681
First reported
https://askubuntu.com/questions/833964/virt-manager-cant-connect-to-graph...
---
examples/apparmor/libvirt-qemu | 3 +++
1 file changed, 3 insertions(+)
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu
index a9020aa..19d99e5 100644
--- a/examples/apparmor/libvirt-qemu
+++ b/examples/apparmor/libvirt-qemu
@@ -151,3 +151,6 @@
/etc/udev/udev.conf r,
/sys/bus/ r,
/sys/class/ r,
+
+ # allow connect with openGraphicsFD to work
+ unix (send, receive) type=stream peer=(label=/usr/sbin/libvirtd),
--
2.10.2