Re: [libvirt PATCH 1/1] apparmor: Allow umount(/dev)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/18/23 10:07, Andrea Bolognani wrote:
On Wed, Jan 18, 2023 at 08:59:23AM -0700, Jim Fehlig wrote:
On 1/18/23 03:45, Andrea Bolognani wrote:
Jim, it looks like you came up with exactly the same solution as
me, despite concerns about the size of the resulting hammer. Any
other ideas, or should we just go ahead and merge this as-is?

My apparmor skills are too weak to select a smaller tool, so I'd say merge
as-is. It wasn't clear to me if/why the umount of /dev  was actually needed,
but Michal did an excellent job of describing why it is.

Okay, pushed now.

Does this warrant creating a maintenance branch / release? 9.0.0 is
basically unusable out of the box on AppArmor hosts...

There have been similar issues with past releases, e.g. a bug in the libxl driver preventing libvirt use with Xen.

On the other hand, package maintainers for Debian/Ubuntu and openSUSE
are aware of the issue and know exactly which commit they need to
backport.

Like the past cases, I'm fine backporting the commit.

> Are there other distros out there using AppArmor?

Not that I'm aware of.

Regards,
Jim




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux