[Pkg-libvirt-commits] [libvirt] 01/04: Allow access to libnl-3 configuration

Guido Guenther agx at moszumanska.debian.org
Mon Aug 24 07:04:37 UTC 2015 

This is an automated email from the git hooks/post-receive script.

agx pushed a commit to branch debian/jessie
in repository libvirt.

commit 9fb6c5995dee072928fc591ac6c4d7109b7ec68a
Author: Felix Geyer <fgeyer at debian.org>
Date:   Sat Jun 13 10:35:02 2015 +0200

    Allow access to libnl-3 configuration
    
    Closes: #786652
---
 .../Allow-access-to-libnl-3-config-files.patch     | 30 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 2 files changed, 31 insertions(+)

diff --git a/debian/patches/Allow-access-to-libnl-3-config-files.patch b/debian/patches/Allow-access-to-libnl-3-config-files.patch
new file mode 100644
index 0000000..6932e41
--- /dev/null
+++ b/debian/patches/Allow-access-to-libnl-3-config-files.patch
@@ -0,0 +1,30 @@
+From: Felix Geyer <fgeyer at debian.org>
+Date: Sat, 13 Jun 2015 10:22:40 +0200
+Subject: Allow access to libnl-3 config files
+
+Closes: #786650
+---
+ examples/apparmor/usr.lib.libvirt.virt-aa-helper | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+index bceaaff..60739d0 100644
+--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
++++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+@@ -16,9 +16,16 @@
+   owner @{PROC}/[0-9]*/status r,
+   @{PROC}/filesystems r,
+ 
++  /etc/libnl-3/classid r,
++
+   # for hostdev
+   /sys/devices/ r,
+   /sys/devices/** r,
++  deny /dev/sd* r,
++  deny /dev/vd* r,
++  deny /dev/dm-* r,
++  deny /dev/mapper/ r,
++  deny /dev/mapper/* r,
+ 
+   /usr/lib/libvirt/virt-aa-helper mr,
+   /sbin/apparmor_parser Ux,
diff --git a/debian/patches/series b/debian/patches/series
index d236118..883a8b0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -28,3 +28,4 @@ security/CVE-2015-0236-qemu-Check-ACLs-when-dumping-security-.patch
 security/CVE-2015-0236-qemu-Check-ACLs-when-dumping-securi-14.patch
 qemu-Don-t-try-to-parse-help-for-new-QEM.patch
 upstream/Teach-virt-aa-helper-to-use-TEMPLATE.qemu-if-the-dom.patch
+Allow-access-to-libnl-3-config-files.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libvirt.git

More information about the Pkg-libvirt-commits mailing list