Hi, The release team (righfully asked)
On Fri, Jun 12, 2015 at 10:17:49PM +0200, Felix Geyer wrote: [..snip..] > --- libvirt-1.2.16.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper > +++ libvirt-1.2.16/examples/apparmor/usr.lib.libvirt.virt-aa-helper > @@ -16,9 +16,16 @@ profile virt-aa-helper /usr/{lib,lib64}/ > owner @{PROC}/[0-9]*/status r, > @{PROC}/filesystems r, > > + /etc/libnl-3/classid r, > + While this is needed... > # for hostdev > /sys/devices/ r, > /sys/devices/** r, > + deny /dev/sd* r, > + deny /dev/vd* r, > + deny /dev/dm-* r, > + deny /dev/mapper/ r, > + deny /dev/mapper/* r, ...what is this for? We don't have this hunk upstream either. Cheers, -- Guido