~libvirt-maintainers/ubuntu/+source/libvirt:apparmor-upstream-submission-2017

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

c573625... by Christian Ehrhardt  on 2017-05-10

apparmor: allow reading cmdline of shutdown signal

Qemu wants to report who shut it down, allow read access to cmdline info.

Author: Christian Ehrhardt <email address hidden>

Signed-off-by: Christian Ehrhardt <email address hidden>

556d3f2... by Christian Ehrhardt  on 2017-05-10

apparmor: add generic base vfio device

vfio devices are generated on the fly, but the generic base is missing.

Author: Christian Ehrhardt <email address hidden>

Signed-off-by: Christian Ehrhardt <email address hidden>

5ab0133... by Christian Ehrhardt  on 2017-05-10

apparmor: fix newer virt-manager 1.4.0

Let's virt-manager connect with openGraphicsFD.

Author: Bryan Quigley <email address hidden>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1668681

Signed-off-by: Christian Ehrhardt <email address hidden>

f81a8ba... by Christian Ehrhardt  on 2017-05-10

apparmor: add new block device types to virt-aa-helpers profile

This silences some denials that happen without effect, it extends a delta
already in Debian and Ubuntu for quite some time by new device types.

Author: Christian Ehrhardt <email address hidden>

Signed-off-by: Christian Ehrhardt <email address hidden>

b8d127f... by Christian Ehrhardt  on 2017-05-10

apparmor: avoid host name resolution stalls

libvirt can check for host name resolution but is denied by apparmor as
of today. This error is non-fatal, but was reported to cause quite
some long deleays.

Author: Christian Ehrhardt <email address hidden>

Signed-off-by: Christian Ehrhardt <email address hidden>

905f3ef... by Christian Ehrhardt  on 2017-05-10

apparmor: qemu won't call qemu-nbd

While libvirtd might do so, qemu itself as a guest will not need
to call qemu-nbd so remove it from the profile.

Signed-off-by: Christian Ehrhardt <email address hidden>

eb8548a... by Christian Ehrhardt  on 2017-05-10

apparmor: drop references to qemu-kvm

Package qemu-kvm still exists, but several paths still allowed
in the apparmor profile don't. Remove these entries.

Signed-off-by: Christian Ehrhardt <email address hidden>

1a1ffbe... by Christian Ehrhardt  on 2017-05-10

apparmor: Merge the most recent Ubuntu Changes

Merge the most recent Ubuntu Changes

Author: Stefan Bader <email address hidden>

Signed-off-by: Christian Ehrhardt <email address hidden>

4e49445... by Christian Ehrhardt  on 2017-05-10

apparmor: provide local override templates

Local overrides is a feature Debian/Ubuntu libvirt provided for a while.
This allows the user to have a non-conffile that he can use to extend the
package delivered rules with extra content matching his special case.

This change provides override templates for the user to add his custom content.

Author: Stefan Bader <email address hidden>

Signed-off-by: Christian Ehrhardt <email address hidden>

8316b5d... by Christian Ehrhardt  on 2017-05-10

apparmor: include local apparmor profile

Local overrides is a feature Debian/Ubuntu libvirt provided for a while.
This allows the user to have a non-conffile that he can use to extend the
package delivered rules with extra content matching his special case.

This change includes (potential) user files from the packaged apparmor rules.

Author: Felix Geyer <email address hidden>

Signed-off-by: Christian Ehrhardt <email address hidden>