Attached is 0002-apparmor-chardev.patch -- Jamie Strandboge | http://www.canonical.com
Author: Jamie Strandboge <jamie@xxxxxxxxxxxxx>
Description: fix serial ports, parallel ports and channels
Forwarded: yes
Bug-Ubuntu: LP: #578527, LP: #609055
Index: libvirt-0.8.3/src/security/virt-aa-helper.c
===================================================================
--- libvirt-0.8.3.orig/src/security/virt-aa-helper.c 2010-08-12 12:00:04.000000000 -0500
+++ libvirt-0.8.3/src/security/virt-aa-helper.c 2010-08-12 12:00:04.000000000 -0500
@@ -877,13 +877,27 @@
for (i = 0; i < ctl->def->nserials; i++)
if (ctl->def->serials[i] && ctl->def->serials[i]->data.file.path)
if (vah_add_file(&buf,
- ctl->def->serials[i]->data.file.path, "w") != 0)
+ ctl->def->serials[i]->data.file.path, "rw") != 0)
goto clean;
if (ctl->def->console && ctl->def->console->data.file.path)
- if (vah_add_file(&buf, ctl->def->console->data.file.path, "w") != 0)
+ if (vah_add_file(&buf, ctl->def->console->data.file.path, "rw") != 0)
goto clean;
+ for (i = 0 ; i < ctl->def->nparallels; i++)
+ if (ctl->def->parallels[i] && ctl->def->parallels[i]->data.file.path)
+ if (vah_add_file(&buf,
+ ctl->def->parallels[i]->data.file.path,
+ "rw") != 0)
+ goto clean;
+
+ for (i = 0 ; i < ctl->def->nchannels; i++)
+ if (ctl->def->channels[i] && ctl->def->channels[i]->data.file.path)
+ if (vah_add_file(&buf,
+ ctl->def->channels[i]->data.file.path,
+ "rw") != 0)
+ goto clean;
+
if (ctl->def->os.kernel)
if (vah_add_file(&buf, ctl->def->os.kernel, "r") != 0)
goto clean;
Index: libvirt-0.8.3/tests/virt-aa-helper-test
===================================================================
--- libvirt-0.8.3.orig/tests/virt-aa-helper-test 2010-08-12 12:00:13.000000000 -0500
+++ libvirt-0.8.3/tests/virt-aa-helper-test 2010-08-12 12:13:41.000000000 -0500
@@ -246,6 +246,9 @@
cat "$template_xml" | sed "s,###UUID###,$uuid,g" | sed "s,###DISK###,$disk1,g" | sed "s,</devices>,<serial type='pty'><target port='0'/></serial></devices>,g" > "$test_xml"
testme "0" "serial (pty)" "-r -u $valid_uuid" "$test_xml"
+cat "$template_xml" | sed "s,###UUID###,$uuid,g" | sed "s,###DISK###,$disk1,g" | sed "s,</devices>,<serial type='dev'><source path='/dev/ttyS0'/><target port='0'/></serial></devices>,g" > "$test_xml"
+testme "0" "serial (dev)" "-r -u $valid_uuid" "$test_xml"
+
cat "$template_xml" | sed "s,###UUID###,$uuid,g" | sed "s,###DISK###,$disk1,g" | sed "s,</devices>,<console type='file'><source path='$tmpdir/console.log'/><target port='0'/></console></devices>,g" > "$test_xml"
touch "$tmpdir/console.log"
testme "0" "console" "-r -u $valid_uuid" "$test_xml"
@@ -253,6 +256,16 @@
cat "$template_xml" | sed "s,###UUID###,$uuid,g" | sed "s,###DISK###,$disk1,g" | sed "s,</devices>,<console type='pty'><target port='0'/></console></devices>,g" > "$test_xml"
testme "0" "console (pty)" "-r -u $valid_uuid" "$test_xml"
+cat "$template_xml" | sed "s,###UUID###,$uuid,g" | sed "s,###DISK###,$disk1,g" | sed "s,</devices>,<parallel type='pty'><source path='/dev/pts/0'/><target port='0'/></parallel></devices>,g" > "$test_xml"
+testme "0" "parallel (pty)" "-r -u $valid_uuid" "$test_xml"
+
+cat "$template_xml" | sed "s,###UUID###,$uuid,g" | sed "s,###DISK###,$disk1,g" | sed "s,</devices>,<channel type='unix'><source mode='bind' path='$tmpdir/guestfwd'/><target type='guestfwd' address='10.0.2.1' port='4600'/></channel></devices>,g" > "$test_xml"
+touch "$tmpdir/guestfwd"
+testme "0" "channel (unix)" "-r -u $valid_uuid" "$test_xml"
+
+cat "$template_xml" | sed "s,###UUID###,$uuid,g" | sed "s,###DISK###,$disk1,g" | sed "s,</devices>,<channel type='pty'><target type='virtio'/></channel></devices>,g" > "$test_xml"
+testme "0" "channel (pty)" "-r -u $valid_uuid" "$test_xml"
+
cat "$template_xml" | sed "s,###UUID###,$uuid,g" | sed "s,###DISK###,$disk1,g" | sed "s,</os>,<kernel>$tmpdir/kernel</kernel></os>,g" > "$test_xml"
touch "$tmpdir/kernel"
testme "0" "kernel" "-r -u $valid_uuid" "$test_xml"
Attachment:
signature.asc
Description: This is a digitally signed message part
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list