[apparmor] [PATCH] update dnsmasq policy for new libvirt lease helper
Seth Arnold
seth.arnold at canonical.com
Thu Aug 21 00:23:43 UTC 2014
On Wed, Aug 20, 2014 at 07:20:09PM -0500, Jamie Strandboge wrote:
> Newer version of libvirt have a lease helper. Update dnsmasq policy for this.
>
> Acked-By: Jamie Strandboge <jamie at canonical.com>
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
> --
> Jamie Strandboge http://www.ubuntu.com/
> Author: Jamie Strandboge <jamie at canonical.com>
> Description: update dnsmasq policy for new libvirt lease helper
>
> Index: apparmor-2.8.96~2541/profiles/apparmor.d/usr.sbin.dnsmasq
> ===================================================================
> --- apparmor-2.8.96~2541.orig/profiles/apparmor.d/usr.sbin.dnsmasq
> +++ apparmor-2.8.96~2541/profiles/apparmor.d/usr.sbin.dnsmasq
> @@ -49,14 +49,19 @@
> @{TFTP_DIR}/** r,
>
> # libvirt config, lease and hosts files for dnsmasq
> - /var/lib/libvirt/dnsmasq/ r,
> - /var/lib/libvirt/dnsmasq/* r,
> - /var/lib/libvirt/dnsmasq/*.leases rw,
> + /var/lib/libvirt/dnsmasq/ r,
> + /var/lib/libvirt/dnsmasq/* r,
> + /var/lib/libvirt/dnsmasq/*.leases rw,
> + /var/lib/libvirt/dnsmasq/*.status* rw,
>
> # libvirt pid files for dnsmasq
> /{,var/}run/libvirt/network/ r,
> /{,var/}run/libvirt/network/*.pid rw,
>
> + # libvirt lease helper
> + /usr/lib/libvirt/libvirt_leaseshelper ix,
> + /{,var/}run/leaseshelper.pid rwk,
> +
> # NetworkManager integration
> /{,var/}run/nm-dns-dnsmasq.conf r,
> /{,var/}run/sendsigs.omit.d/*dnsmasq.pid w,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140820/33c44752/attachment-0001.pgp>
More information about the AppArmor
mailing list