Hi, this is a continuation of the ongoing effort to feed back Ubuntu apparmor Delta on libvirt to the community (or to sort out remaining todos or to keep them distro specific). In that it is a follow on to: - https://www.redhat.com/archives/libvir-list/2017-May/msg00630.html - https://www.redhat.com/archives/libvir-list/2017-May/msg00887.html I punted those we had discussions on and decided to rework in the last rounds out of the submission. But in exchange pulled in some more changes we had that are now ready for discussion. That way I prepared the next set of 12 changes which I hereby submit for your consideration into 3.11. Christian Ehrhardt (3): apparmor, libvirt-qemu: add default pki path of lbvirt-spice apparmor, libvirt-qemu: add generic base vfio device apparmor, libvirt-qemu: qemu won't call qemu-nbd Jamie Strandboge (5): apparmor, libvirt-qemu: Allow read access to sysfs system info apparmor, libvirt-qemu: Allow qemu-block-extra libraries apparmor, libvirtd: Allow ixr to /var/lib/libvirt/virtd* apparmor, virt-aa-helper: Allow access to ecryptfs files apparmor, virt-aa-helper: Allow access to /sys/bus/usb/devices Serge Hallyn (3): apparmor, libvirt-qemu: Allow use of sgabios apparmor, libvirt-qemu: Allow read access to max_mem_regions apparmor, libvirt-qemu: Allow access to hugepage mounts Stefan Bader (1): apparmor, libvirt-qemu: Silence lttng related deny messages examples/apparmor/libvirt-qemu | 26 +++++++++++++++++++++++- examples/apparmor/usr.lib.libvirt.virt-aa-helper | 6 ++++++ examples/apparmor/usr.sbin.libvirtd | 4 ++++ 3 files changed, 35 insertions(+), 1 deletion(-) -- 2.7.4 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
