Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 577724 Details for
Bug 686702
app-emulation/libvirt-5.2.0-r2 problem with apparmor profile for virt-aa-helper
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fixed libvirt-5.0.0-fix-paths-for-apparmor.patch
fixed_libvirt-5.0.0-fix-paths-for-apparmor.patch (text/plain), 4.27 KB, created by
aporilel
on 2019-05-24 22:50:14 UTC
(
hide
)
Description:
fixed libvirt-5.0.0-fix-paths-for-apparmor.patch
Filename:
MIME Type:
Creator:
aporilel
Created:
2019-05-24 22:50:14 UTC
Size:
4.27 KB
patch
obsolete
>From 563706143779166624812b3faf498d869f5dd383 Mon Sep 17 00:00:00 2001 >Message-Id: <563706143779166624812b3faf498d869f5dd383.1547196492.git.mprivozn@redhat.com> >From: Michal Privoznik <mprivozn@redhat.com> >Date: Fri, 11 Jan 2019 09:41:06 +0100 >Subject: [PATCH] gentoo: fix paths for apparmor > >Signed-off-by: Michal Privoznik <mprivozn@redhat.com> >--- > src/security/Makefile.inc.am | 10 +++++----- > src/security/apparmor/libvirt-qemu | 2 ++ > ...bvirt.virt-aa-helper => usr.libexec.virt-aa-helper} | 4 ++-- > src/security/apparmor/usr.sbin.libvirtd | 6 ++++-- > 4 files changed, 13 insertions(+), 9 deletions(-) > rename src/security/apparmor/{usr.lib.libvirt.virt-aa-helper => usr.libexec.virt-aa-helper} (93%) > >diff --git a/src/security/Makefile.inc.am b/src/security/Makefile.inc.am >index b24cdfd083..ae8e979b84 100644 >--- a/src/security/Makefile.inc.am >+++ b/src/security/Makefile.inc.am >@@ -36,7 +36,7 @@ EXTRA_DIST += \ > security/apparmor/TEMPLATE.lxc \ > security/apparmor/libvirt-qemu \ > security/apparmor/libvirt-lxc \ >- security/apparmor/usr.lib.libvirt.virt-aa-helper \ >+ security/apparmor/usr.libexec.virt-aa-helper \ > security/apparmor/usr.sbin.libvirtd \ > $(NULL) > >@@ -90,7 +90,7 @@ endif WITH_SECDRIVER_APPARMOR > if WITH_APPARMOR_PROFILES > apparmordir = $(sysconfdir)/apparmor.d/ > apparmor_DATA = \ >- security/apparmor/usr.lib.libvirt.virt-aa-helper \ >+ security/apparmor/usr.libexec.virt-aa-helper \ > security/apparmor/usr.sbin.libvirtd \ > $(NULL) > >@@ -110,11 +110,11 @@ APPARMOR_LOCAL_DIR = "$(DESTDIR)$(apparmordir)/local" > install-apparmor-local: > $(MKDIR_P) "$(APPARMOR_LOCAL_DIR)" > echo "# Site-specific additions and overrides for \ >- 'usr.lib.libvirt.virt-aa-helper'" \ >- >"$(APPARMOR_LOCAL_DIR)/usr.lib.libvirt.virt-aa-helper" >+ 'usr.libexec.virt-aa-helper'" \ >+ >"$(APPARMOR_LOCAL_DIR)/usr.libexec.virt-aa-helper" > > uninstall-apparmor-local: >- rm -f "$(APPARMOR_LOCAL_DIR)/usr.lib.libvirt.virt-aa-helper" >+ rm -f "$(APPARMOR_LOCAL_DIR)/usr.libexec.virt-aa-helper" > rmdir "$(APPARMOR_LOCAL_DIR)" || : > > INSTALL_DATA_LOCAL += install-apparmor-local >diff --git a/src/security/apparmor/libvirt-qemu b/src/security/apparmor/libvirt-qemu >index eaa5167525..9be50bbbe0 100644 >--- a/src/security/apparmor/libvirt-qemu >+++ b/src/security/apparmor/libvirt-qemu >@@ -87,6 +87,8 @@ > /usr/share/AAVMF/** r, > /usr/share/qemu-efi/** r, > /usr/share/slof/** r, >+ /usr/share/seavgabios/** r, >+ /usr/share/edk2-ovmf/** r, > > # pki for libvirt-vnc and libvirt-spice (LP: #901272, #1690140) > /etc/pki/CA/ r, >diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper b/src/security/apparmor/usr.libexec.virt-aa-helper >similarity index 93% >rename from src/security/apparmor/usr.lib.libvirt.virt-aa-helper >rename to src/security/apparmor/usr.libexec.virt-aa-helper >index de9436872c..99ab4ea527 100644 >--- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper >+++ b/src/security/apparmor/usr.libexec.virt-aa-helper >@@ -1,7 +1,7 @@ > # Last Modified: Mon Apr 5 15:10:27 2010 > #include <tunables/global> > >-profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper { >+profile virt-aa-helper /usr/libexec/virt-aa-helper { > #include <abstractions/base> > > # needed for searching directories >@@ -36,7 +36,7 @@ > deny /dev/mapper/ r, > deny /dev/mapper/* r, > >- /usr/{lib,lib64}/libvirt/virt-aa-helper mr, >+ /usr/libexec/virt-aa-helper mr, > /{usr/,}sbin/apparmor_parser Ux, > > /etc/apparmor.d/libvirt/* r, >@@ -66,5 +66,5 @@ > /**.[iI][sS][oO] r, > /**/disk{,.*} r, > >- #include <local/usr.lib.libvirt.virt-aa-helper> >+ #include <local/usr.libexec.virt-aa-helper> > } >diff --git a/src/security/apparmor/usr.sbin.libvirtd b/src/security/apparmor/usr.sbin.libvirtd >index f0ffc53008..8a402bd6ec 100644 >--- a/src/security/apparmor/usr.sbin.libvirtd >+++ b/src/security/apparmor/usr.sbin.libvirtd >@@ -98,8 +98,10 @@ > audit deny /sys/kernel/security/apparmor/.* rwxl, > /sys/kernel/security/apparmor/profiles r, > /usr/{lib,lib64}/libvirt/* PUxr, >- /usr/{lib,lib64}/libvirt/libvirt_parthelper ix, >- /usr/{lib,lib64}/libvirt/libvirt_iohelper ix, >+ /usr/libexec/virt-aa-helper PUxr, >+ /usr/libexec/libvirt_lxc PUxr, >+ /usr/libexec/libvirt_parthelper ix, >+ /usr/libexec/libvirt_iohelper ix, > /etc/libvirt/hooks/** rmix, > /etc/xen/scripts/** rmix, > >-- >2.19.2 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=577724">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 686702
: 577724
