We had the same rule for some time, it just is ordered later in our submission stack and not yet pushed by me or Stefan for review.
But since we have the same rules for quite some time working fine I'm clearly acking that.
Thanks intrigeri!
Acked-by: Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx>
On Tue, Aug 8, 2017 at 11:57 PM, intrigeri <intrigeri+libvirt@xxxxxxxx> wrote:
---
examples/apparmor/libvirt-qemu | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt- qemu
index f462d7428c..dcfb1a5985 100644
--- a/examples/apparmor/libvirt-qemu
+++ b/examples/apparmor/libvirt-qemu
@@ -169,3 +169,9 @@
@{PROC}/device-tree/ r,
@{PROC}/device-tree/** r,
/sys/firmware/devicetree/** r,
+
+ # for gathering information about available host resources
+ /sys/devices/system/cpu/ r,
+ /sys/devices/system/node/ r,
+ /sys/devices/system/node/node[0-9]*/meminfo r,
+ /sys/module/vhost/parameters/max_mem_regions r,
--
2.14.0
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
