[libvirt] [PATCH 05/12] apparmor, libvirt-qemu: Allow qemu-block-extra libraries
Christian Ehrhardt
christian.ehrhardt at canonical.com
Wed Dec 20 07:40:39 UTC 2017
On Tue, Dec 19, 2017 at 5:09 PM, Jamie Strandboge <jamie at canonical.com> wrote:
> On Tue, 2017-12-19 at 16:03 +0100, Christian Ehrhardt wrote:
>> From: Jamie Strandboge <jamie at ubuntu.com>
>>
>> Allows (multi-arch enabled) access to libraries under the
>> /usr/lib/@{multiarch}/qemu/*.so path in the Debian/Ubuntu
>> qemu-block-extra package.
>>
>> Bug-Ubuntu: https://bugs.launchpad.net/bugs/1554761
>>
>> Signed-off-by: Christian Ehrhardt <christian.ehrhardt at canonical.com>
>> ---
>> examples/apparmor/libvirt-qemu | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/examples/apparmor/libvirt-qemu
>> b/examples/apparmor/libvirt-qemu
>> index 91d0e02..912b4ac 100644
>> --- a/examples/apparmor/libvirt-qemu
>> +++ b/examples/apparmor/libvirt-qemu
>> @@ -161,6 +161,9 @@
>> /usr/{lib,lib64}/qemu/block-curl.so mr,
>> /usr/{lib,lib64}/qemu/block-rbd.so mr,
>>
>> + # for Debian/Ubuntu qemu-block-extra (LP: #1554761)
>> + /usr/lib/@{multiarch}/qemu/*.so rm,
>> +
>
> +1 as is (though s/rm/mr/ for consistency),
ack
> but on my system I see
> block-curl.so, block-isci.so and block-rdb.so. I think it probably
> makes to adjust this rule block to simply be:
Yeah the number of those so's can change anyway.
The upper path is mostly for rpm systems, but e.g. SuSe is
rpm+apparmor so your suggestion is great.
> /usr/{lib,lib64}/qemu/*.so mr,
> /usr/lib/@{multiarch}/qemu/*.so mr,
More information about the libvir-list
mailing list