Re: [libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline

2017-12-04 Thread Jamie Strandboge
On Mon, 2017-12-04 at 12:03 +0100, Michal Privoznik wrote:
> On 12/01/2017 02:26 PM, Jamie Strandboge wrote:
> > On Thu, 2017-11-30 at 10:43 -0700, Jim Fehlig wrote:
> > > Noticed the following denial in audit.log when shutting down
> > > an apparmor confined domain
> > >
> > > type=AVC

Re: [libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline

2017-12-04 Thread Jim Fehlig
On 12/04/2017 04:03 AM, Michal Privoznik wrote:
On 12/01/2017 02:26 PM, Jamie Strandboge wrote:
On Thu, 2017-11-30 at 10:43 -0700, Jim Fehlig wrote:
Noticed the following denial in audit.log when shutting down an apparmor confined domain
type=AVC msg=audit(1512002299.742:131):

Re: [libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline

2017-12-04 Thread Michal Privoznik
On 12/01/2017 02:26 PM, Jamie Strandboge wrote:
> On Thu, 2017-11-30 at 10:43 -0700, Jim Fehlig wrote:
>> Noticed the following denial in audit.log when shutting down
>> an apparmor confined domain
>>
>> type=AVC msg=audit(1512002299.742:131): apparmor="DENIED"
>> operation="open"

Re: [libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline

2017-12-01 Thread Jim Fehlig
On 12/01/2017 06:26 AM, Jamie Strandboge wrote:
On Thu, 2017-11-30 at 10:43 -0700, Jim Fehlig wrote:
Noticed the following denial in audit.log when shutting down an apparmor confined domain
type=AVC msg=audit(1512002299.742:131): apparmor="DENIED" operation="open"

Re: [libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline

2017-12-01 Thread Jamie Strandboge
On Thu, 2017-11-30 at 10:43 -0700, Jim Fehlig wrote:
> Noticed the following denial in audit.log when shutting down
> an apparmor confined domain
>
> type=AVC msg=audit(1512002299.742:131): apparmor="DENIED"
> operation="open" profile="libvirt-66154842-e926-4f92-92f0-
> 1c1bf61dd1ff"
>

Re: [libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline

2017-12-01 Thread intrigeri
Hi,
Michal Privoznik:
> On 11/30/2017 06:43 PM, Jim Fehlig wrote:
>> I must admit it is not clear to me why
>> /proc//cmdline is read on domain shutdown.
> It's result of these qemu patches:
> fbe7e3327a8cfa1b08664c2cda7a0a341cf0530a
> 7dc9ae4339faa97e89daadb2e1098147ab4aadc8
> Whenever qemu

Re: [libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline

2017-12-01 Thread Michal Privoznik
On 11/30/2017 06:43 PM, Jim Fehlig wrote:
> Noticed the following denial in audit.log when shutting down
> an apparmor confined domain
>
> type=AVC msg=audit(1512002299.742:131): apparmor="DENIED"
> operation="open" profile="libvirt-66154842-e926-4f92-92f0-1c1bf61dd1ff"
>

[libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline

2017-11-30 Thread Jim Fehlig
Noticed the following denial in audit.log when shutting down
an apparmor confined domain

type=AVC msg=audit(1512002299.742:131): apparmor="DENIED" operation="open" profile="libvirt-66154842-e926-4f92-92f0-1c1bf61dd1ff" name="/proc/1475/cmdline" pid=2958 comm="qemu-system-x86" requested_mask="r"