[apparmor] [PATCH] Don't unload libvirt's dynamic profiles on reload
Jamie Strandboge
jamie at canonical.com
Tue Feb 22 17:36:21 UTC 2011
Libvirt generates dynamic profiles using aa_change_profile(). When a
dynamic profile is added, it is of the form of 'libvirt-<vm uuid>'. Eg:
libvirt-b5779634-a136-b0d1-c0a4-0706752c4f25
Currently, the initscripts will unload these profiles on reload, but
they shouldn't touch them[1]. This patch special-cases libvirt's
profiles for now so this does not happen. If more applications use
dynamic profiles, we can in some way generalize this to flag profiles as
dynamic.
[1]https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/702774
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lp702774.patch
Type: text/x-patch
Size: 1800 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110222/4c02cab0/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110222/4c02cab0/attachment.pgp>
More information about the AppArmor
mailing list