apparmor, libvirt-qemu: Allow qemu-block-extra libraries

Allows (multi-arch enabled) access to libraries under the /usr/lib/@{multiarch}/qemu/*.so path in the Debian/Ubuntu qemu-block-extra package and all such libs for the paths of rpm qemu-block-* packages. Bug-Ubuntu: https://bugs.launchpad.net/bugs/1554761 Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2024-12-22 05:35:25 +00:00 · 2017-12-20 08:41:08 +01:00 · 2017-12-20 08:41:08 +01:00 · aa889e412d
commit aa889e412d
parent 50ce59b616
1 changed files with 3 additions and 2 deletions
--- a/examples/apparmor/libvirt-qemu
+++ b/examples/apparmor/libvirt-qemu
@ -152,8 +152,9 @@
  /usr/bin/qemu-sparc64 rmix,
  /usr/bin/qemu-unicore32 rmix,
  /usr/bin/qemu-x86_64 rmix,
-  /usr/{lib,lib64}/qemu/block-curl.so mr,
-  /usr/{lib,lib64}/qemu/block-rbd.so mr,
+  # for Debian/Ubuntu qemu-block-extra / RPMs qemu-block-* (LP: #1554761)
+  /usr/{lib,lib64}/qemu/*.so mr,
+  /usr/lib/@{multiarch}/qemu/*.so mr,

  # for use by libvirt-vnc (LP: #901272)
  /etc/pki/CA/ r,