apparmor, virt-aa-helper: Allow access to /sys/bus/usb/devices

author Jamie Strandboge <jamie@ubuntu.com>

Wed, 20 Dec 2017 10:56:43 +0000 (11:56 +0100)

committer Cédric Bosdonnat <cbosdonnat@suse.com>

Tue, 9 Jan 2018 09:08:57 +0000 (10:08 +0100)
author Jamie Strandboge <jamie@ubuntu.com>
Wed, 20 Dec 2017 10:56:43 +0000 (11:56 +0100)
committer Cédric Bosdonnat <cbosdonnat@suse.com>
Tue, 9 Jan 2018 09:08:57 +0000 (10:08 +0100)
diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper

index 105f09e43d5fde06c17ea6fb325e77b6fbd49cfa..6869685c053d13c7bb1e562362e6eb5151d7bd7c 100644 (file)
--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
@@ -22,6 +22,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
    # for hostdev
    /sys/devices/ r,
    /sys/devices/** r,
+  /sys/bus/usb/devices/ r,
    deny /dev/sd* r,
    deny /dev/vd* r,
    deny /dev/dm-* r,
author	Jamie Strandboge <jamie@ubuntu.com>
	Wed, 20 Dec 2017 10:56:43 +0000 (11:56 +0100)
committer	Cédric Bosdonnat <cbosdonnat@suse.com>
	Tue, 9 Jan 2018 09:08:57 +0000 (10:08 +0100)