[libvirt] [PATCH 07/12] apparmor, libvirt-qemu: add default pki path of lbvirt-spice
intrigeri
intrigeri+libvirt at boum.org
Wed Dec 20 09:45:08 UTC 2017
Jamie Strandboge:
>> + # for use by libvirt-spice (LP: #1690140)
>> + /etc/pki/libvirt-spice/ r,
>> + /etc/pki/libvirt-spice/** r,
> +1 to apply
+1 as well, although I'd prefer some minor refactoring to merge this
with the 2 already existing libvirt-vnc PKI sections (that were added
in two different places in the file 7 years apart, but apparently are
about the exact same use case).
Something like this should allow replacing these two existing sections
and the third one you're proposing we add:
# for use by libvirt-vnc and libvirt-spice (LP: #901272, #1690140)
/etc/pki/CA/ r,
/etc/pki/CA/* r,
/etc/pki/libvirt{,-spice,-vnc}/ r,
/etc/pki/libvirt{,-spice,-vnc}/** r,
What do you think?
Cheers,
--
intrigeri
More information about the libvir-list
mailing list