On Tue, May 23, 2017 at 06:22:46PM +0200, Stefan Bader wrote:
From: Guilhem Lettron <guilhem+ubuntu@lettron.fr>
Add rule to allow access to /dev/tap* used by macvtap.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/921870
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> Signed-off-by: Stefan Bader <stefan.bader@canonical.com> --- examples/apparmor/libvirt-qemu | 1 + 1 file changed, 1 insertion(+)
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu index fddc93a..e2b0dfd 100644 --- a/examples/apparmor/libvirt-qemu +++ b/examples/apparmor/libvirt-qemu @@ -17,6 +17,7 @@ network inet6 stream,
/dev/net/tun rw, + /dev/tap* rw, /dev/kvm rw, /dev/ptmx rw, /dev/kqemu rw,
Shouldn't this only be added when macvtap is in use? Cheers, -- Guido
-- 2.7.4
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list