From ec267e5c8faa3cf0661aeff4b154fa314b7e6ac607cd8bb990534b98c5de562c Mon Sep 17 00:00:00 2001
From: James Fehlig <jfehlig@suse.com>
Date: Mon, 14 Oct 2013 22:04:45 +0000
Subject: [PATCH] - virt-aa-helper apparmor profile was denying read access to 
  /proc/$PID/*.  Give read accesss to these files.   Updated
 install-apparmor-profiles.patch   bnc#841720

OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=305
---
 install-apparmor-profiles.patch | 3 ++-
 libvirt.changes                 | 8 ++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/install-apparmor-profiles.patch b/install-apparmor-profiles.patch
index 5cb6574..b3a7bcb 100644
--- a/install-apparmor-profiles.patch
+++ b/install-apparmor-profiles.patch
@@ -57,7 +57,7 @@ Index: libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
 ===================================================================
 --- /dev/null
 +++ libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
-@@ -0,0 +1,40 @@
+@@ -0,0 +1,41 @@
 +# Last Modified: Fri Aug 19 11:21:48 2011
 +#include <tunables/global>
 +
@@ -71,6 +71,7 @@ Index: libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
 +  # needed for when disk is on a network filesystem
 +  network inet,
 +
++  @{PROC}/[0-9]** r,
 +  deny @{PROC}/[0-9]*/mounts r,
 +  @{PROC}/filesystems r,
 +
diff --git a/libvirt.changes b/libvirt.changes
index 73c4675..7532647 100644
--- a/libvirt.changes
+++ b/libvirt.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Oct 14 16:01:46 MDT 2013 - jfehlig@suse.com
+
+- virt-aa-helper apparmor profile was denying read access to
+  /proc/$PID/*.  Give read accesss to these files.
+  Updated install-apparmor-profiles.patch
+  bnc#841720
+
 -------------------------------------------------------------------
 Mon Oct 14 13:46:14 MDT 2013 - jfehlig@suse.com