]> xenbits.xensource.com Git - libvirt.git/commit
projects / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 291f68b) | patch
virt-aa-helper: handle more disk images
authorCédric Bosdonnat <cbosdonnat@suse.com>
Mon, 11 Dec 2017 10:09:31 +0000 (11:09 +0100)
committerCédric Bosdonnat <cbosdonnat@suse.com>
Wed, 20 Dec 2017 10:05:54 +0000 (11:05 +0100)
commit0f33025a43788f7f3483dfac6ab0b9f79c0d7957
treeb96a6b930c276184a59d780574f4f5047d308309tree
parent291f68b5da78a303c58ca45b5d8be61e8047d328commit | diff
virt-aa-helper: handle more disk images

virt-aa-helper needs read access to the disk image to resolve symlinks
and add the proper rules to the profile. Its profile whitelists a few
common paths, but users can place their images anywhere.

This commit helps users allowing access to their images by adding their
own rules in apparmor.d/local/usr.lib.libvirt.virt-aa-helper.

This commit also adds rules to allow reading files named:
  - *.raw as this is a rather common disk image extension
  - /run/libvirt/**[vd]d[a-z] as these are used by virt-sandbox
examples/Makefile.am diff | blob | blame | history
examples/apparmor/usr.lib.libvirt.virt-aa-helper diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.