On Tue, 2019-08-20 at 12:09 -0500, Jamie Strandboge wrote:
> On Tue, 20 Aug 2019, Andrea Bolognani wrote:
> ># Used when internally running another command (namely apparmor_parser)
> > + @{PROC}/self/fd/ r,
>
> /proc/self is a 'magic symlink' and apparmor will resolve symlinks
> before perfor
On Tue, 20 Aug 2019, Andrea Bolognani wrote:
> --- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
> +++ b/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
> @@ -18,8 +18,8 @@ profile virt-aa-helper
> /usr/{lib,lib64}/libvirt/virt-aa-helper {
>@{PROC}/filesystems r,
>
># Used
On Tue, Aug 20, 2019 at 09:56:26AM +0200, Andrea Bolognani wrote:
Tried previously in
commit b1eb8b3e8fd1d4cb1da8e5e2b16f2c10837fd823
Author: Andrea Bolognani
Date: Mon Aug 19 10:23:42 2019 +0200
virt-aa-helper: Fix AppArmor profile
v5.6.0-243-gb1eb8b3e8f
with somewhat disappointing
Tried previously in
commit b1eb8b3e8fd1d4cb1da8e5e2b16f2c10837fd823
Author: Andrea Bolognani
Date: Mon Aug 19 10:23:42 2019 +0200
virt-aa-helper: Fix AppArmor profile
v5.6.0-243-gb1eb8b3e8f
with somewhat disappointing results.
Signed-off-by: Andrea Bolognani
---
src/security/a