[Pkg-libvirt-maintainers] Bug#786650: virt-aa-helper: incomplete apparmor profile
Felix Geyer
fgeyer at debian.org
Fri Jun 12 20:17:49 UTC 2015
Hi,
On Sun, 24 May 2015 16:51:27 +0000 Luke Faraone <lfaraone at debian.org> wrote:
> On Sun, 2015-05-24 at 09:43 +0200, Guido Günther wrote:
> > Hi,
> > thanks for the patch.
> > On Sun, May 24, 2015 at 12:14:48AM +0000, Luke Faraone wrote:
> > [..snip..]
> > > --- usr.lib.libvirt.virt-aa-helper 2015-05-23 23:43:44.751750819 +0000
> > > +++ /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper 2015-05-24 00:03:13.039766331 +0000
> > > @@ -1,7 +1,7 @@
> > > # Last Modified: Mon Apr 5 15:10:27 2010
> > > #include <tunables/global>
> > >
> > > -/usr/lib/libvirt/virt-aa-helper {
> > > +/usr/lib/libvirt/virt-aa-helper flags=(complain) {
> >
> > Is that one needed as well or is it rather a debugging leftover?
>
> Oops, you're right, this was just for debugging. Sorry about that.
I think the problems you are seeing are entirely because of bug #786652.
These denials should be harmless therefore I propose the attached patch.
This is also aligned with what Ubuntu does in their virt-aa-helper profile.
Cheers,
Felix
-------------- next part --------------
A non-text attachment was scrubbed...
Name: virt-aa-helper-profile.diff
Type: text/x-patch
Size: 539 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-libvirt-maintainers/attachments/20150612/9d18d707/attachment-0001.bin>
More information about the Pkg-libvirt-maintainers
mailing list