Re: [PATCH v2] apparmor: use AppArmorSetFDLabel for both imageFD and tapFD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 03/08/2013 05:21 AM, Jim Fehlig wrote:

Guannan Ren wrote:

Rename AppArmorSetImageFDLabel to AppArmorSetFDLabel which could
be used as a common function for *ALL* fd relabelling in Linux.

In apparmor profile for specific vm with uuid cdbebdfa-1d6d-65c3-be0f-fd74b978a773
Path: /etc/apparmor.d/libvirt/libvirt-cdbebdfa-1d6d-65c3-be0f-fd74b978a773.files
The last line is for the tapfd relabelling.

  # DO NOT EDIT THIS FILE DIRECTLY. IT IS MANAGED BY LIBVIRT.
   "/var/log/libvirt/**/rhel6qcow2.log" w,
   "/var/lib/libvirt/**/rhel6qcow2.monitor" rw,
   "/var/run/libvirt/**/rhel6qcow2.pid" rwk,
   "/run/libvirt/**/rhel6qcow2.pid" rwk,
   "/var/run/libvirt/**/*.tunnelmigrate.dest.rhel6qcow2" rw,
   "/run/libvirt/**/*.tunnelmigrate.dest.rhel6qcow2" rw,
   "/var/lib/libvirt/images/rhel6u3qcow2.img" rw,
   "/dev/tap45" rw,
---
  src/security/security_apparmor.c | 20 +++++---------------
  1 file changed, 5 insertions(+), 15 deletions(-)

ACK.



    Thanks, pushed.

    Guannan

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]