[libvirt] [PATCH 11/12] apparmor, virt-aa-helper: Allow access to ecryptfs files

From: Jamie Strandboge <jamie(a)ubuntu.com&gt; Bug-Ubuntu: https://bugs.launchpad.net/bugs/591769 Signed-off-by: Stefan Bader <stefan.bader(a)canonical.com&gt; --- examples/apparmor/usr.lib.libvirt.virt-aa-helper | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper index bd6181d..d63c844 100644 --- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper +++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper @@ -47,6 +47,10 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper { audit deny @{HOME}/bin/** mrwkl, @{HOME}/ r, @{HOME}/** r, + # Alow access to ecryptfs files (LP: #591769) + @{HOME}/.Private/** mrwlk, + @{HOMEDIRS}/.ecryptfs/*/.Private/** mrwlk, + /var/lib/libvirt/images/ r, /var/lib/libvirt/images/** r, /{media,mnt,opt,srv}/** r, -- 2.7.4