[libvirt] [PATCH v2 2/2] security: aa-helper: generate more rules for gl devices
Jamie Strandboge
jamie at canonical.com
Fri Feb 22 13:42:31 UTC 2019
On Mon, 18 Feb 2019, Christian Ehrhardt wrote:
> + virBufferAddLit(&buf, " \"/usr/lib{,32,64}/dri/**.so\" mr,\n");
> + virBufferAddLit(&buf, " \"/usr/lib/@{multiarch}/dri/**.so\" mr,\n");
> + virBufferAddLit(&buf, " \"/usr/lib/fglrx/dri/**.so\" mr,\n");
I'm sorry I think I wasn't clear on how to add in the .so files. I suggest:
virBufferAddLit(&buf, " \"/usr/lib{,32,64}/dri/*.so*\" mr,\n");
virBufferAddLit(&buf, " \"/usr/lib/@{multiarch}/dri/*.so*\" mr,\n");
virBufferAddLit(&buf, " \"/usr/lib/fglrx/dri/*.so*\" mr,\n");
This is slightly futureproofed with the trailing '*'. On my system, the '**'
wasn't needed, but if you observe systems where it is, feel free to keep it.
The other parts of this patch looked fine.
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20190222/2ed2b2bc/attachment-0001.sig>
More information about the libvir-list
mailing list