[Bug 656173] Re: virt-aa-helper generate incomplete apparmor profiles with chained backing files
James Page
656173 at bugs.launchpad.net
Thu Oct 7 15:23:10 BST 2010
OK; I've now managed to re-produce the issue; It appears that virt-aa-
helper only parses backing_files one level; in this case the full chain
is two levels/three files, so the base qcow2 image is not included in
the apparmor profile:
"/var/log/libvirt/**/test.log" w,
"/var/lib/libvirt/**/test.monitor" rw,
"/var/run/libvirt/**/test.pid" rwk,
"/home/jamespage/vms/test.qcow2" rw,
"/home/jamespage/vms/test_base.qcow2" r,
# don't audit writes to readonly files
deny "/home/jamespage/vms/test_base.qcow2" w,
I incidentally found a potential bug in virt-install; it does not appear
to recognise .qcow2 files and generates an xml definition with the disk
type as raw.
--
virt-aa-helper generate incomplete apparmor profiles with chained backing files
https://bugs.launchpad.net/bugs/656173
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
More information about the Ubuntu-server-bugs
mailing list