Re: [libvirt] [PATCH 7/8] appmor, libvirt-qemu: Add 9p support

On Thu, May 18, 2017 at 11:21:54AM -0500, Serge E. Hallyn wrote: > Mind you I'm not crazy about this. If this could be toggled with a > default-off config option that would seem better than always giving > these caps to libvirt-qemu. virt-aa-helper could add these if it detects a 9pfs file system. That would be better than always adding it.

Cheers, -- Guido > > Quoting Stefan Bader (stefan.bader(a)canonical.com): > > From: Serge Hallyn <serge.hallyn(a)ubuntu.com&gt; > > > > Add fowner and fsetid to libvirt-qemu profile. > > > > Bug-Ubuntu: https://bugs.launchpad.net/bugs/1378434 > > > > Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com&gt; > > Signed-off-by: Stefan Bader <stefan.bader(a)canonical.com&gt; > > --- > > examples/apparmor/libvirt-qemu | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu > > index 89466c9..f04ce04 100644 > > --- a/examples/apparmor/libvirt-qemu > > +++ b/examples/apparmor/libvirt-qemu > > @@ -13,6 +13,10 @@ > > capability setgid, > > capability setuid, > > > > + # for 9p > > + capability fsetid, > > + capability fowner, > > + > > network inet stream, > > network inet6 stream, > > > > -- > > 2.7.4 >