[libvirt] [PATCH 07/10] apparmor: include local apparmor profiles

[Stefan Bader]

From: Felix Geyer <fgeyer at debian.org>

Local overrides is a feature Debian/Ubuntu libvirt provided for a while.
This allows the user to have a non-conffile that he can use to extend the
package delivered rules with extra content matching his special case.

This change adds the include directives to the apparmor profiles
for virt-aa-helper and libvirtd.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Signed-off-by: Stefan Bader <stefan.bader at canonical.com>
---
 examples/apparmor/usr.lib.libvirt.virt-aa-helper | 3 +++
 examples/apparmor/usr.sbin.libvirtd              | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
index 012080c..93ba74e 100644
--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
@@ -56,4 +56,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
   /**.vmdk r,
   /**.[iI][sS][oO] r,
   /**/disk{,.*} r,
+
+  # Site-specific additions and overrides. See local/README for details.
+  #include <local/usr.lib.libvirt.virt-aa-helper>
 }
diff --git a/examples/apparmor/usr.sbin.libvirtd b/examples/apparmor/usr.sbin.libvirtd
index 353b039..c37d5ee 100644
--- a/examples/apparmor/usr.sbin.libvirtd
+++ b/examples/apparmor/usr.sbin.libvirtd
@@ -85,4 +85,7 @@
 
    /usr/{lib,lib64,lib/qemu,libexec}/qemu-bridge-helper rmix,
   }
+
+  # Site-specific additions and overrides. See local/README for details.
+  #include <local/usr.sbin.libvirtd>
 }
-- 
2.7.4