[PATCH V3 0/2] Apparmor: Add profiles for hypervisor daemons

V2: https://listman.redhat.com/archives/libvir-list/2021-June/msg00676.html V1: https://listman.redhat.com/archives/libvir-list/2021-June/msg00456.html Changes since V2: Patches 3 and 4 ACKed and pushed since they are bug fixes independent of modular vs monolithic daemons. The qemu_bridge_helper subprofile in patch 1 was adjusted for communication with virtqemud instead of libvirtd. After snooping through git history, I found a few capabilities explicitly added for xen that have been added back to the virtxend profile. Note: The profile for virtlxcd will have to wait until the following issue is fixed https://gitlab.com/libvirt/libvirt/-/issues/181 Jim Fehlig (2): Apparmor: Add profile for virtqemud Apparmor: Add profile for virtxend src/security/apparmor/libvirt-qemu | 3 + src/security/apparmor/meson.build | 2 + src/security/apparmor/usr.sbin.virtqemud.in | 134 ++++++++++++++++++++ src/security/apparmor/usr.sbin.virtxend.in | 55 ++++++++ 4 files changed, 194 insertions(+) create mode 100644 src/security/apparmor/usr.sbin.virtqemud.in create mode 100644 src/security/apparmor/usr.sbin.virtxend.in -- 2.31.1