Commit Graph

8 Commits

Author SHA1 Message Date
Christian Ehrhardt
b4470515f6 apparmor, virt-aa-helper: allow ipv6
In case ipv6 is used the network inet6 permission is required for
virt-aa-helper.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2017-11-07 16:57:32 +01:00
Felix Geyer
dd875fb326 apparmor, virt-aa-helper: Explicit denies for host devices
Add explicit denies for disk devices to avoid cluttering dmesg with
(acceptable) denials.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Guido Günther <agx@sigxcpu.org>
2017-05-19 09:48:23 +02:00
Felix Geyer
95740052ea apparmor, virt-aa-helper: Allow access to libnl-3 config files
Allow access to libnl-3 config files

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Guido Günther <agx@sigxcpu.org>
2017-05-19 09:48:23 +02:00
intrigeri
de79efdeb8 AppArmor policy: support merged-/usr.
Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.co>
2016-12-12 14:08:35 +00:00
Cedric Bosdonnat
30c6aecc44 Teach AppArmor, that /usr/lib64 may exist.
The apparmor profiles forgot about /usr/lib64 folders, just add lib64
as a possible alternative to lib in the paths
2015-01-05 09:46:35 +01:00
Felix Geyer
f88a3d9b0c apparmor: Improve profiles
Tested on Debian unstable.
The profile updates are partly taken from the Ubuntu trusty libvirt package.

Signed-off-by: Guido Günther <agx@sigxcpu.org>
2014-02-07 19:16:51 +01:00
Jamie Strandboge
2df320609a Improve the apparmor example
* examples/apparmor/libvirt-qemu examples/apparmor/usr.sbin.libvirtd
  examples/apparmor/usr.lib.libvirt.virt-aa-helper: Update the examples
2010-04-06 23:01:24 +02:00
Jamie Strandboge
624a7927f0 Documentation and examples for SVirt Apparmor driver
* docs/drvqemu.html.in: include documentation for AppArmor sVirt
  confinement
* examples/apparmor/TEMPLATE examples/apparmor/libvirt-qemu
  examples/apparmor/usr.lib.libvirt.virt-aa-helper
  examples/apparmor/usr.sbin.libvirtd: example templates and
  configuration files for SVirt Apparmor when using KVM/QEmu
2009-10-08 16:42:05 +02:00