Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
libvirt.15950
4ec3cf9a-apparmor-rules.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 4ec3cf9a-apparmor-rules.patch of Package libvirt.15950
commit 4ec3cf9a0fc3d76058ea363a6c35df19e67e6261 Author: Jim Fehlig <jfehlig@suse.com> Date: Fri Mar 1 15:05:36 2019 -0700 apparmor: Add ptrace and signal rules for named profile Commit a3ab6d42 changed the libvirtd profile to a named profile but neglected to accommodate the change in the qemu profile ptrace and signal rules. As a result, libvirtd is unable to signal confined qemu processes and hence unable to shutdown or destroy VMs. Add ptrace and signal rules that reference the libvirtd profile by name in addition to full binary path. Signed-off-by: Jim Fehlig <jfehlig@suse.com> Acked-by: Jamie Strandboge <jamie@canonical.com> Index: libvirt-5.1.0/src/security/apparmor/libvirt-qemu =================================================================== --- libvirt-5.1.0.orig/src/security/apparmor/libvirt-qemu +++ libvirt-5.1.0/src/security/apparmor/libvirt-qemu @@ -16,8 +16,10 @@ network inet stream, network inet6 stream, + ptrace (readby, tracedby) peer=libvirtd, ptrace (readby, tracedby) peer=/usr/sbin/libvirtd, + signal (receive) peer=libvirtd, signal (receive) peer=/usr/sbin/libvirtd, /dev/net/tun rw,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor