Hi All,
Is it fine to push these patches now that the release is out? Christian E. has
ACKed 1/2 and Christian B. has 'LGTM' both. Anyone brave enough to ACK 2/2, or
have further comments? I'd like to get these in since modular daemons are now
prime-time.
Regards,
Jim
On 6/24/21 2:48 PM, Jim Fehlig wrote:
> V2: https://listman.redhat.com/archives/libvir-list/2021-June/msg00676.html
> V1: https://listman.redhat.com/archives/libvir-list/2021-June/msg00456.html
>
> Changes since V2:
> Patches 3 and 4 ACKed and pushed since they are bug fixes independent of
> modular vs monolithic daemons.
>
> The qemu_bridge_helper subprofile in patch 1 was adjusted for
> communication with virtqemud instead of libvirtd.
>
> After snooping through git history, I found a few capabilities explicitly
> added for xen that have been added back to the virtxend profile.
>
> Note: The profile for virtlxcd will have to wait until the following
> issue is fixed
>
> https://gitlab.com/libvirt/libvirt/-/issues/181
>
> Jim Fehlig (2):
> Apparmor: Add profile for virtqemud
> Apparmor: Add profile for virtxend
>
> src/security/apparmor/libvirt-qemu | 3 +
> src/security/apparmor/meson.build | 2 +
> src/security/apparmor/usr.sbin.virtqemud.in | 134 ++++++++++++++++++++
> src/security/apparmor/usr.sbin.virtxend.in | 55 ++++++++
> 4 files changed, 194 insertions(+)
> create mode 100644 src/security/apparmor/usr.sbin.virtqemud.in
> create mode 100644 src/security/apparmor/usr.sbin.virtxend.in
>