From nobody Fri Apr 19 21:49:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 15057638714031009.2406101097638; Mon, 18 Sep 2017 12:44:31 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9A2FB883BD; Mon, 18 Sep 2017 19:44:29 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C303B60241; Mon, 18 Sep 2017 19:44:28 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id F0EDF1806102; Mon, 18 Sep 2017 19:44:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v8IJOOJV019686 for ; Mon, 18 Sep 2017 15:24:24 -0400 Received: by smtp.corp.redhat.com (Postfix) id 03BA56047B; Mon, 18 Sep 2017 19:24:24 +0000 (UTC) Received: from mx1.redhat.com (ext-mx10.extmail.prod.ext.phx2.redhat.com [10.5.110.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id F2AE3600C2 for ; Mon, 18 Sep 2017 19:24:21 +0000 (UTC) Received: from honk.sigxcpu.org (honk.sigxcpu.org [24.134.29.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B1BDF2BEFF for ; Mon, 18 Sep 2017 19:24:19 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by honk.sigxcpu.org (Postfix) with ESMTP id 22A67FB05 for ; Mon, 18 Sep 2017 21:24:18 +0200 (CEST) Received: from honk.sigxcpu.org ([127.0.0.1]) by localhost (honk.sigxcpu.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MRS70D2AP2eN for ; Mon, 18 Sep 2017 21:24:17 +0200 (CEST) Received: by bogon.sigxcpu.org (Postfix, from userid 1000) id DED9B41610; Mon, 18 Sep 2017 21:24:16 +0200 (CEST) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 9A2FB883BD Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=sigxcpu.org Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 9A2FB883BD DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com B1BDF2BEFF Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=sigxcpu.org Authentication-Results: ext-mx10.extmail.prod.ext.phx2.redhat.com; spf=none smtp.mailfrom=agx@sigxcpu.org DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com B1BDF2BEFF X-Virus-Scanned: Debian amavisd-new at honk.sigxcpu.org Date: Mon, 18 Sep 2017 21:24:16 +0200 From: Guido =?iso-8859-1?Q?G=FCnther?= To: libvir-list@redhat.com Message-ID: <41257226a11164f62c3fb3dfe02d3594cae8cac0.1505762636.git.agx@sigxcpu.org> Mail-Followup-To: Guido =?iso-8859-1?Q?G=FCnther?= , libvir-list@redhat.com MIME-Version: 1.0 Content-Disposition: inline User-Agent: NeoMutt/20170609 (1.8.3) X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Mon, 18 Sep 2017 19:24:20 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Mon, 18 Sep 2017 19:24:20 +0000 (UTC) for IP:'24.134.29.49' DOMAIN:'honk.sigxcpu.org' HELO:'honk.sigxcpu.org' FROM:'agx@sigxcpu.org' RCPT:'' X-RedHat-Spam-Score: -0.001 (RP_MATCHES_RCVD) 24.134.29.49 honk.sigxcpu.org 24.134.29.49 honk.sigxcpu.org X-Scanned-By: MIMEDefang 2.78 on 10.5.110.39 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH] apparmor: delete profile on VM shutdown X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Mon, 18 Sep 2017 19:44:30 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" instead of only unloading it. This makes sure old profiles don't pile up in /etc/apparmor.d/libvirt and we get updates to modified templates on VM restart. Reviewed-by: Jim Fehlig --- src/security/security_apparmor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index 5afe0c5c85..1db94c632f 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -220,7 +220,7 @@ remove_profile(const char *profile) { int rc =3D -1; const char * const argv[] =3D { - VIRT_AA_HELPER, "-R", "-u", profile, NULL + VIRT_AA_HELPER, "-D", "-u", profile, NULL }; =20 if (virRun(argv, NULL) =3D=3D 0) --=20 2.14.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list