[libvirt] [PATCH v2] security: AppArmor profile fixes for swtpm
Michal Privoznik
mprivozn at redhat.com
Mon Sep 30 13:16:11 UTC 2019
On 9/24/19 9:25 PM, Chris Coulson wrote:
> The AppArmor profile generated by virt-aa-helper is too strict for swtpm.
> This change contains 2 small fixes:
> - Relax append access to swtpm's log file to permit write access instead.
> Append access is insufficient because the log is opened with O_CREAT.
> - Permit swtpm to acquire a lock on its lock file.
>
> Signed-off-by: Chris Coulson <chris.coulson at canonical.com>
> ---
> src/security/virt-aa-helper.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
Reviewed-by: Michal Privoznik <mprivozn at redhat.com> and pushed.
Congratulations on your first libvirt contribution.
Michal
More information about the libvir-list
mailing list