External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-07 18:35:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

apparmor: Only support passt on 3.x

Browse Source 
The subprofile can only work by including the abstraction shipped
in the passt package, which we can't assume is present, and
'include if exists' doesn't work well on 2.x.

No distro that's stuck on AppArmor 2.x is likely to be shipping
passt anyway.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
This commit is contained in:
Andrea Bolognani 2023-06-29 11:47:13 +02:00
parent 63a312fa2d
commit 84e01d182e
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/security/apparmor/libvirt-qemu.in
View File

@ -185,6 +185,7 @@
/usr/{lib,lib64}/libswtpm_libtpms.so mr,
/usr/lib/@{multiarch}/libswtpm_libtpms.so mr,
@BEGIN_APPARMOR_3@
# support for passt network back-end
/usr/bin/passt Cx -> passt,
@ -199,6 +200,7 @@
include if exists <abstractions/passt>
}
@END_APPARMOR_3@
# for save and resume
/{usr/,}bin/dash rmix,