On Wed, 2019-07-03 at 12:46 +0200, Christian Ehrhardt wrote:
VHD images can be used as any other, so we should add them to the list of types that virt-aa-helper can read when creating the per-guest rules for backing files.
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> --- src/security/apparmor/usr.lib.libvirt.virt-aa-helper | 1 + 1 file changed, 1 insertion(+)
diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper b/src/security/apparmor/usr.lib.libvirt.virt-aa-helper index 78994bcda6..bf6bd297d1 100644 --- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper +++ b/src/security/apparmor/usr.lib.libvirt.virt-aa-helper @@ -63,6 +63,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper { /**.qcow{,2} r, /**.qed r, /**.vmdk r, + /**.vhd r, /**.[iI][sS][oO] r, /**/disk{,.*} r,
I know basically nothing about AppArmor, but given the pre-existing contents of the file the changes seem completely reasonable, so Reviewed-by: Andrea Bolognani <abologna@redhat.com> -- Andrea Bolognani / Red Hat / Virtualization