Re: [libvirt] [PATCH 07/12] apparmor, libvirt-qemu: add default pki path of lbvirt-spice

Jamie Strandboge: >> + # for use by libvirt-spice (LP: #1690140) >> + /etc/pki/libvirt-spice/ r, >> + /etc/pki/libvirt-spice/** r, > +1 to apply +1 as well, although I'd prefer some minor refactoring to merge this with the 2 already existing libvirt-vnc PKI sections (that were added in two different places in the file 7 years apart, but apparently are about the exact same use case). Something like this should allow replacing these two existing sections and the third one you're proposing we add: # for use by libvirt-vnc and libvirt-spice (LP: #901272, #1690140) /etc/pki/CA/ r, /etc/pki/CA/* r, /etc/pki/libvirt{,-spice,-vnc}/ r, /etc/pki/libvirt{,-spice,-vnc}/** r, What do you think?