[libvirt] [PATCH 1/1] apparmor: use TEMPLATE.qemu for kvm
Serge Hallyn
serge.hallyn at ubuntu.com
Thu Sep 18 19:37:18 UTC 2014
virDomainVirtTypeToString() returns 'qemu' and 'kvm' separately.
Don't require a separate apparmor profile for both, rather always
look for TEMPLATE.qemu.
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
---
src/security/virt-aa-helper.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index a06ba44..0447248 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -341,15 +341,19 @@ create_profile(const char *profile, const char *profile_name,
int tlen, plen;
int fd;
int rc = -1;
+ const char *virttype;
if (virFileExists(profile)) {
vah_error(NULL, 0, _("profile exists"));
goto end;
}
+ virttype = virDomainVirtTypeToString(virtType);
+ if (strcmp(virttype, "kvm") == 0)
+ virttype = "qemu";
if (virAsprintfQuiet(&template, "%s/TEMPLATE.%s", APPARMOR_DIR "/libvirt",
- virDomainVirtTypeToString(virtType)) < 0) {
+ virttype) < 0) {
vah_error(NULL, 0, _("template name exceeds maximum length"));
goto end;
}
--
2.1.0
More information about the libvir-list
mailing list