Re: [PATCH] apparmor: fix ptrace rules with kernel 4.18

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Aug 24, 2018 at 08:12:11AM +0200, Christian Ehrhardt wrote:
> Due to kernel upstream change 338d0be4 ("apparmor: fix ptrace read check")
> libvirt now hits apparmor denies like:
>   apparmor="DENIED" operation="ptrace" profile="/usr/sbin/libvirtd"
>   pid=4409 comm="libvirtd" requested_mask="read" denied_mask="read"
>   peer="libvirt-14e92a75-7668-4b97-8f92-322fc1b9c78a"
>
> Extend the ptrace rule to also allow 'ptrace (read)' for libvirtd to work
> with these newer kernels.
>
> Fixes: https://bugs.launchpad.net/bugs/1788603
>
> Reported-by: Thadeu Lima de Souza Cascardo <thadeu.cascardo@xxxxxxxxxxxxx>
> Signed-off-by: Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx>
> ---
Reviewed-by: Erik Skultety <eskultet@xxxxxxxxxx>

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux