[libvirt PATCH 1/1] apparmor: Allow umount(/dev)
Andrea Bolognani
abologna at redhat.com
Wed Jan 18 17:07:19 UTC 2023
On Wed, Jan 18, 2023 at 08:59:23AM -0700, Jim Fehlig wrote:
> On 1/18/23 03:45, Andrea Bolognani wrote:
> > Jim, it looks like you came up with exactly the same solution as
> > me, despite concerns about the size of the resulting hammer. Any
> > other ideas, or should we just go ahead and merge this as-is?
>
> My apparmor skills are too weak to select a smaller tool, so I'd say merge
> as-is. It wasn't clear to me if/why the umount of /dev was actually needed,
> but Michal did an excellent job of describing why it is.
Okay, pushed now.
Does this warrant creating a maintenance branch / release? 9.0.0 is
basically unusable out of the box on AppArmor hosts...
On the other hand, package maintainers for Debian/Ubuntu and openSUSE
are aware of the issue and know exactly which commit they need to
backport. Are there other distros out there using AppArmor?
--
Andrea Bolognani / Red Hat / Virtualization
More information about the libvir-list
mailing list