File: 005-fix-qemu-apparmor.patch

package info (click to toggle)
lxd 5.0.2%2Bgit20231211.1364ae4-9%2Bdeb13u1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 25,888 kB
  • sloc: sh: 14,275; ansic: 3,112; python: 432; makefile: 265; ruby: 51; sql: 50; javascript: 9; lisp: 6
file content (17 lines) | stat: -rw-r--r-- 923 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
 
From: Mathias Gibbens <gibmat@debian.org>
Description: Fix apparmor profile generation for QEMU instances (copied from Incus)
Forwarded: no (this patch is licensed as Apache-2.0 and I haven't signed Canonical's CLA)
diff --git a/lxd/apparmor/instance_qemu.go b/lxd/apparmor/instance_qemu.go
index 8f483a0b8..a52986e67 100644
--- a/lxd/apparmor/instance_qemu.go
+++ b/lxd/apparmor/instance_qemu.go
@@ -37,8 +37,7 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
   /sys/devices/**                           r,
   /sys/module/vhost/**                      r,
   /{,usr/}bin/qemu*                         mrix,
-  {{ .ovmfPath }}/OVMF_CODE.fd              kr,
-  {{ .ovmfPath }}/OVMF_CODE.*.fd            kr,
+  {{ .ovmfPath }}/**                        kr,
   /usr/share/qemu/**                        kr,
   /usr/share/seabios/**                     kr,
   owner @{PROC}/@{pid}/cpuset               r,