[libvirt] [PATCH v2] apparmor, virt-aa-helper: Allow access to /sys/bus/usb/devices
Christian Ehrhardt
christian.ehrhardt at canonical.com
Wed Dec 20 10:56:43 UTC 2017
From: Jamie Strandboge <jamie at ubuntu.com>
Required to generate correct profiles when using usb passthrough.
Bug-Ubuntu: https://bugs.launchpad.net/bugs/565691
Signed-off-by: Stefan Bader <stefan.bader at canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Acked-by: Jamie Strandboge <jamie at ubuntu.com>
Acked-by: Intrigeri <intrigeri at boum.org>
---
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 1 +
1 file changed, 1 insertion(+)
diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
index d63c844..6a6558e 100644
--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
@@ -22,6 +22,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
# for hostdev
/sys/devices/ r,
/sys/devices/** r,
+ /sys/bus/usb/devices/ r,
deny /dev/sd* r,
deny /dev/vd* r,
deny /dev/dm-* r,
--
2.7.4
More information about the libvir-list
mailing list