mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-24 22:55:23 +00:00
f305d8a191
Otherwise we fail to reconnect to /dev/net/tun opened by libvirtd like [ 8144.507756] audit: type=1400 audit(1505488162.386:38069121): apparmor="DENIED" operation="file_perm" info="Failed name lookup - disconnected path" error=-13 profile="libvirt-5dfcc8a7-b79a-4fa9-a41f-f6271651934c" name="dev/net/tun" pid=9607 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=117 ouid=0 Reviewed-By: Jamie Strandboge <jamie@canonical.com> Acked-By: Michal Privoznik <mprivozn@redhat.com>
16 lines
342 B
Plaintext
16 lines
342 B
Plaintext
#
|
|
# This profile is for the domain whose UUID matches this file.
|
|
#
|
|
|
|
#include <tunables/global>
|
|
|
|
profile LIBVIRT_TEMPLATE flags=(attach_disconnected) {
|
|
#include <abstractions/libvirt-lxc>
|
|
|
|
# Globally allows everything to run under this profile
|
|
# These can be narrowed depending on the container's use.
|
|
file,
|
|
capability,
|
|
network,
|
|
}
|