[apparmor] virt-aa-helper: does not support OVMF?
Felix Geyer
fgeyer at debian.org
Tue Aug 11 20:44:03 UTC 2015
Hi,
On 11.08.2015 22:32, Jamie Strandboge wrote:
> It is missing in both Ubuntu and Debian. src/security/virt-aa-helper.c needs to
> update override[] in valid_path() to have '/usr/share/ovmf/'. I'll comment in
> the Ubuntu bug.
Maybe I'm missing something but the blacklist in valid_path() seems overly paranoid.
Allowing it to add read-only access to files from /usr/share should be harmless.
Especially considering it can allow write access to /home, /root and /dev (yes, I know
it has to).
Cheers,
Felix
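
An added sketch, not part of this post and not libvirt's code, of the deny-list-plus-override check discussed above. It shows how an override entry for '/usr/share/ovmf/' admits firmware paths while the rest of /usr/share stays blocked. The list contents, path_allowed() and the sample paths are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustrative lists only, not the real contents of libvirt's valid_path(). */
static const char *const restricted[] = { "/etc/", "/usr/bin/", "/usr/share/" };
static const char *const override[]   = { "/usr/share/ovmf/" };
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* True when path starts with any entry; entries end in '/' so that
 * "/usr/share/ovmf-other/" does not match "/usr/share/ovmf/". */
static bool has_prefix(const char *path, const char *const *list, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (strncmp(path, list[i], strlen(list[i])) == 0)
            return true;
    return false;
}

/* Reject "." and ".." components so the lexical prefix match cannot be
 * sidestepped via "/usr/share/ovmf/../". Symlinks are out of scope here. */
static bool has_dot_component(const char *p)
{
    while (*p) {
        while (*p == '/') p++;
        size_t len = strcspn(p, "/");
        if (len >= 1 && len <= 2 && strncmp(p, "..", len) == 0)
            return true;
        p += len;
    }
    return false;
}

/* Returns true when a profile rule may be generated for this path. */
bool path_allowed(const char *path)
{
    if (path == NULL || path[0] != '/' || has_dot_component(path))
        return false;
    if (has_prefix(path, override, COUNT(override)))
        return true;                      /* override wins over restricted */
    return !has_prefix(path, restricted, COUNT(restricted));
}

int main(void)
{
    const char *samples[] = { "/usr/share/ovmf/OVMF.fd", "/usr/share/misc/magic" }; /* constructed */
    for (size_t i = 0; i < COUNT(samples); i++)
        printf("%-26s %s\n", samples[i], path_allowed(samples[i]) ? "allow" : "deny");
    return 0;
}
```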