]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
projects / thirdparty / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 07af71a)
apparmor: Allow some more BIOS/UEFI paths
authorMichal Privoznik <mprivozn@redhat.com>
Sat, 25 Jan 2020 08:38:53 +0000 (09:38 +0100)
committerMichal Privoznik <mprivozn@redhat.com>
Thu, 30 Jan 2020 07:57:59 +0000 (08:57 +0100)
There are two more paths that we are missing in the default
domain profile: /usr/share/edk2-ovmf/ and /usr/share/sgabios/.
These exist on my Gentoo box and contain UEFI and BIOS images
respectively.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
src/security/apparmor/libvirt-qemu patch | blob | blame | history

diff --git a/src/security/apparmor/libvirt-qemu b/src/security/apparmor/libvirt-qemu
index 229182927046569e7d2346dac3ecbf89b496f4a5..6942b83969266892451e30fb7667bce0a204a521 100644 (file)
--- a/src/security/apparmor/libvirt-qemu
+++ b/src/security/apparmor/libvirt-qemu
@@ -75,6 +75,7 @@
   # access to firmware's etc
   /usr/share/AAVMF/** r,
   /usr/share/bochs/** r,
+  /usr/share/edk2-ovmf/** r,
   /usr/share/kvm/** r,
   /usr/share/misc/sgabios.bin r,
   /usr/share/openbios/** r,
@@ -86,6 +87,7 @@
   /usr/share/qemu-kvm/** r,
   /usr/share/qemu/** r,
   /usr/share/seabios/** r,
+  /usr/share/sgabios/** r,
   /usr/share/slof/** r,
   /usr/share/vgabios/** r,
 
Mirror of https://github.com/libvirt/libvirt.git