Re: [libvirt] [PATCH] security: aa-helper: allow virt-aa-helper to read .vhd images
On Wed, 2019-07-03 at 12:46 +0200, Christian Ehrhardt wrote:
VHD images can be used as any other, so we should add them to the
list
of types that virt-aa-helper can read when creating the per-guest rules
for backing files.
Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
---
src/security/apparmor/usr.lib.libvirt.virt-aa-helper | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
b/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
index 78994bcda6..bf6bd297d1 100644
--- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
+++ b/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
@@ -63,6 +63,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
/**.qcow{,2} r,
/**.qed r,
/**.vmdk r,
+ /**.vhd r,
/**.[iI][sS][oO] r,
/**/disk{,.*} r,
I know basically nothing about AppArmor, but given the pre-existing
contents of the file the changes seem completely reasonable, so
Reviewed-by: Andrea Bolognani <abologna(a)redhat.com>
--
Andrea Bolognani / Red Hat / Virtualization