1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
diff --git a/src/security/apparmor/libvirt-qemu b/src/security/apparmor/libvirt-qemu
index 80986ae..d550d8c 100644
--- a/src/security/apparmor/libvirt-qemu
+++ b/src/security/apparmor/libvirt-qemu
@@ -88,6 +88,7 @@
/usr/share/sgabios/** r,
/usr/share/slof/** r,
/usr/share/vgabios/** r,
+ /usr/share/seavgabios/** r,
# pki for libvirt-vnc and libvirt-spice (LP: #901272, #1690140)
/etc/pki/CA/ r,
--- a/src/security/apparmor/meson.build 2020-10-06 17:45:18.590000000 +0100
+++ b/src/security/apparmor/meson.build 2020-10-06 17:45:07.044000000 +0100
@@ -1,5 +1,5 @@
apparmor_gen_profiles = [
- 'usr.lib.libvirt.virt-aa-helper',
+ 'usr.libexec.libvirt.virt-aa-helper',
'usr.sbin.libvirtd',
]
@@ -32,7 +32,7 @@ install_data(
)
install_data(
- 'usr.lib.libvirt.virt-aa-helper.local',
+ 'usr.libexec.libvirt.virt-aa-helper.local',
install_dir: apparmor_dir / 'local',
- rename: 'usr.lib.libvirt.virt-aa-helper',
+ rename: 'usr.libexec.libvirt.virt-aa-helper',
)
diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in b/src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.in
similarity index 97%
rename from src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in
rename to src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.in
index dd18c8a..d06f9cb 100644
--- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in
+++ b/src/security/apparmor/usr.libexec.virt-aa-helper.in
@@ -69,5 +69,5 @@ profile virt-aa-helper @libexecdir@/virt-aa-helper {
/**.[iI][sS][oO] r,
/**/disk{,.*} r,
- #include <local/usr.lib.libvirt.virt-aa-helper>
+ #include <local/usr.libexec.libvirt.virt-aa-helper>
}
diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.local b/src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.local
similarity index 100%
rename from src/security/apparmor/usr.lib.libvirt.virt-aa-helper.local
rename to src/security/apparmor/usr.libexec.libvirt.virt-aa-helper.local
|