[PATCH V3 0/2] Apparmor: Add profiles for hypervisor daemons
Jim Fehlig
jfehlig at suse.com
Thu Jun 24 20:48:57 UTC 2021
V2: https://listman.redhat.com/archives/libvir-list/2021-June/msg00676.html
V1: https://listman.redhat.com/archives/libvir-list/2021-June/msg00456.html
Changes since V2:
Patches 3 and 4 ACKed and pushed since they are bug fixes independent of
modular vs monolithic daemons.
The qemu_bridge_helper subprofile in patch 1 was adjusted for
communication with virtqemud instead of libvirtd.
After snooping through git history, I found a few capabilities explicitly
added for xen that have been added back to the virtxend profile.
Note: The profile for virtlxcd will have to wait until the following
issue is fixed
https://gitlab.com/libvirt/libvirt/-/issues/181
Jim Fehlig (2):
Apparmor: Add profile for virtqemud
Apparmor: Add profile for virtxend
src/security/apparmor/libvirt-qemu | 3 +
src/security/apparmor/meson.build | 2 +
src/security/apparmor/usr.sbin.virtqemud.in | 134 ++++++++++++++++++++
src/security/apparmor/usr.sbin.virtxend.in | 55 ++++++++
4 files changed, 194 insertions(+)
create mode 100644 src/security/apparmor/usr.sbin.virtqemud.in
create mode 100644 src/security/apparmor/usr.sbin.virtxend.in
--
2.31.1
More information about the libvir-list
mailing list