- virt-aa-helper apparmor profile was denying read access to

/proc/$PID/*. Give read accesss to these files. Updated install-apparmor-profiles.patch bnc#841720 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=305
2013-10-14 22:04:45 +00:00 · 2013-10-14 22:04:45 +00:00 · ec267e5c8f
commit ec267e5c8f
parent 6aecdae0d2
2 changed files with 10 additions and 1 deletions
--- a/install-apparmor-profiles.patch
+++ b/install-apparmor-profiles.patch
@ -57,7 +57,7 @@ Index: libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
 ===================================================================
 --- /dev/null
 +++ libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
-@@ -0,0 +1,40 @@
+@@ -0,0 +1,41 @@
 +# Last Modified: Fri Aug 19 11:21:48 2011
 +#include <tunables/global>
 +
@ -71,6 +71,7 @@ Index: libvirt-1.1.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
 +  # needed for when disk is on a network filesystem
 +  network inet,
 +
+  @{PROC}/[0-9]** r,
 +  deny @{PROC}/[0-9]*/mounts r,
 +  @{PROC}/filesystems r,
 +
--- a/libvirt.changes
+++ b/libvirt.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Oct 14 16:01:46 MDT 2013 - jfehlig@suse.com
+
+- virt-aa-helper apparmor profile was denying read access to
+  /proc/$PID/*.  Give read accesss to these files.
+  Updated install-apparmor-profiles.patch
+  bnc#841720
+
 -------------------------------------------------------------------
 Mon Oct 14 13:46:14 MDT 2013 - jfehlig@suse.com