commit 4b9a07eb9be98c56a622379ba2055f0f9d5dce30
Author: Christian Boltz <apparmor@cboltz.de>
Date:   Tue Feb 26 21:05:16 2019 +0100

    Revert /usr/{bin,sbin}/ alternation in dnsmasq profile
    
    Even if we expected it to stay compatible with peer=/usr/sbin/dnsmasq in
    the libvirtd profile, practise shows that we were wrong.
    
    This patch reverts the profile name to /usr/sbin/dnsmasq, and re-adds
    the libvirtd peer name /usr/sbin/libvirtd to avoid breaking libvirtd.
    
    References: https://bugzilla.opensuse.org/show_bug.cgi?id=1127073

diff --git a/profiles/apparmor.d/usr.sbin.dnsmasq b/profiles/apparmor.d/usr.sbin.dnsmasq
index 3f66a17e..2dc8902e 100644
--- a/profiles/apparmor.d/usr.sbin.dnsmasq
+++ b/profiles/apparmor.d/usr.sbin.dnsmasq
@@ -12,7 +12,7 @@
 @{TFTP_DIR}=/var/tftp /srv/tftpboot
 
 #include <tunables/global>
-/usr/{bin,sbin}/dnsmasq flags=(attach_disconnected) {
+/usr/sbin/dnsmasq flags=(attach_disconnected) {
   #include <abstractions/base>
   #include <abstractions/dbus>
   #include <abstractions/nameservice>
@@ -28,8 +28,10 @@
   network inet6 raw,
 
   signal (receive) peer=/usr/{bin,sbin}/libvirtd,
+  signal (receive) peer=/usr/sbin/libvirtd,
   signal (receive) peer=libvirtd,
   ptrace (readby) peer=/usr/{bin,sbin}/libvirtd,
+  ptrace (readby) peer=/usr/sbin/libvirtd,
   ptrace (readby) peer=libvirtd,
 
   owner /dev/tty rw,