[libvirt] [PATCH] apparmor: fix virt-aa-helper profile
Fix rule introduced by commit 0f33025a: * to handle /var/run not being a symlink to /run * to be properly parsed: missing comma at the end. --- examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper index 9c822b644..105f09e43 100644 --- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper +++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper @@ -51,7 +51,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper { /var/lib/libvirt/images/** r, /{media,mnt,opt,srv}/** r, # For virt-sandbox - /run/libvirt/**/[sv]d[a-z] r + /{,var/}run/libvirt/**/[sv]d[a-z] r, /**.img r, /**.raw r, -- 2.15.1
Cédric Bosdonnat:
* to handle /var/run not being a symlink to /run
Does this still really exist in any distro that has chances to run a recent libvirt? If yes, then:
- /run/libvirt/**/[sv]d[a-z] r + /{,var/}run/libvirt/**/[sv]d[a-z] r,
+1 And in any case, +1 the missing comma.
On Wed, 2018-01-03 at 11:54 +0100, intrigeri wrote:
Cédric Bosdonnat:
* to handle /var/run not being a symlink to /run
Does this still really exist in any distro that has chances to run a recent libvirt?
At least some people tweak their distro for that, since the openSUSE AppArmor does it ;) -- Cedric
If yes, then:
- /run/libvirt/**/[sv]d[a-z] r + /{,var/}run/libvirt/**/[sv]d[a-z] r,
+1
And in any case, +1 the missing comma.
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
On Wed, 2018-01-03 at 10:55 +0100, Cédric Bosdonnat wrote:
Fix rule introduced by commit 0f33025a: * to handle /var/run not being a symlink to /run * to be properly parsed: missing comma at the end. --- examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper index 9c822b644..105f09e43 100644 --- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper +++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper @@ -51,7 +51,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper { /var/lib/libvirt/images/** r, /{media,mnt,opt,srv}/** r, # For virt-sandbox - /run/libvirt/**/[sv]d[a-z] r + /{,var/}run/libvirt/**/[sv]d[a-z] r,
LGTM. +1 to commit as is. -- Jamie Strandboge | http://www.canonical.com
participants (4)
-
Cedric Bosdonnat -
Cédric Bosdonnat
-
intrigeri -
Jamie Strandboge