With Jamie Strandboge's help it should be restricted a bit more by adding addr=none: unix (send, receive) type=stream addr=none peer=(label=/usr/sbin/libvirtd), On Tue, Feb 28, 2017 at 1:48 PM, Bryan Quigley <bryan.quigley@xxxxxxxxxxxxx> wrote: > Also see Ubuntu bug > https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1668681 > First reported https://askubuntu.com/questions/833964/virt-manager-cant-connect-to-graphical-console/888220#888220 > > --- > examples/apparmor/libvirt-qemu | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu > index a9020aa..19d99e5 100644 > --- a/examples/apparmor/libvirt-qemu > +++ b/examples/apparmor/libvirt-qemu > @@ -151,3 +151,6 @@ > /etc/udev/udev.conf r, > /sys/bus/ r, > /sys/class/ r, > + > + # allow connect with openGraphicsFD to work > + unix (send, receive) type=stream peer=(label=/usr/sbin/libvirtd), > -- > 2.10.2 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
