]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
projects / thirdparty / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f62e418)
apparmor: pass attach_disconnected
authorGuido Günther <agx@sigxcpu.org>
Mon, 19 Dec 2016 07:15:15 +0000 (08:15 +0100)
committerGuido Günther <agx@sigxcpu.org>
Wed, 21 Dec 2016 05:26:31 +0000 (06:26 +0100)
to cure

 + virsh lxc-enter-namespace --noseclabel sl /bin/ls /bin/ls
 libvirt:  error : Expected at least one file descriptor
 error: internal error: Child process (2714) unexpected exit status 125

caused by

 apparmor="DENIED" operation="open" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/libvirtd" name="" pid=1422 comm="libvirtd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

examples/apparmor/usr.sbin.libvirtd patch | blob | blame | history

diff --git a/examples/apparmor/usr.sbin.libvirtd b/examples/apparmor/usr.sbin.libvirtd
index 934124b80f60954b6a8ab9d4f7d4f1cbc7c56f63..8893e75fe97c674c2cbbc6d0130d5d1a5bb45fc2 100644 (file)
--- a/examples/apparmor/usr.sbin.libvirtd
+++ b/examples/apparmor/usr.sbin.libvirtd
@@ -2,7 +2,7 @@
 #include <tunables/global>
 @{LIBVIRT}="libvirt"
 
-/usr/sbin/libvirtd {
+/usr/sbin/libvirtd flags=(attach_disconnected) {
   #include <abstractions/base>
   #include <abstractions/dbus>
 
Mirror of https://github.com/libvirt/libvirt.git