External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-09 06:25:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

virt-aa-helper: Drop unnecessary AppArmor rule

Browse Source 
Apparently /proc/self is automatically converted to /proc/@{pid}
before checking rules, which makes spelling it out explicitly
redundant.

Suggested-by: Jamie Strandboge <jamie@canonical.com>
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
This commit is contained in:
Andrea Bolognani 2019-08-21 09:42:39 +02:00
parent 359c7c1e94
commit 60dfe76990
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/security/apparmor/usr.lib.libvirt.virt-aa-helper
View File

@ -18,7 +18,6 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
@{PROC}/filesystems r,
# Used when internally running another command (namely apparmor_parser)
@{PROC}/self/fd/ r,
@{PROC}/@{pid}/fd/ r,
/etc/libnl-3/classid r,