[libvirt] [PATCH] apparmor: allow libvirt to send term signal to unconfined
Christian Ehrhardt
christian.ehrhardt at canonical.com
Tue Feb 6 14:54:05 UTC 2018
On Thu, Jan 25, 2018 at 9:09 PM, Jamie Strandboge <jamie at canonical.com> wrote:
> On Wed, 2018-01-24 at 10:41 +0100, intrigeri wrote:
>> Hi,
>>
>>
>> Guido Günther:
>> > --- a/examples/apparmor/usr.sbin.libvirtd
>> > +++ b/examples/apparmor/usr.sbin.libvirtd
>> > @@ -63,7 +63,7 @@
>> > signal (send) peer=/usr/sbin/dnsmasq,
>> > signal (read, send) peer=libvirt-*,
>> > - signal (send) set=("kill") peer=unconfined,
>> > + signal (send) set=("kill", "term") peer=unconfined,
>>
> LGTM too. +1 to apply.
2 x +1
1x resolved Discussion
IMHO nothing should block this from being committed - so ping?
+1 from me as well btw
--
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
More information about the libvir-list
mailing list