summaryrefslogtreecommitdiff
path: root/app-emulation/libvirt/files/libvirt-5.0.0-fix-paths-for-apparmor.patch
diff options
context:
space:
mode:
Diffstat (limited to 'app-emulation/libvirt/files/libvirt-5.0.0-fix-paths-for-apparmor.patch')
-rw-r--r--app-emulation/libvirt/files/libvirt-5.0.0-fix-paths-for-apparmor.patch110
1 files changed, 110 insertions, 0 deletions
diff --git a/app-emulation/libvirt/files/libvirt-5.0.0-fix-paths-for-apparmor.patch b/app-emulation/libvirt/files/libvirt-5.0.0-fix-paths-for-apparmor.patch
new file mode 100644
index 000000000000..ca9f952a8234
--- /dev/null
+++ b/app-emulation/libvirt/files/libvirt-5.0.0-fix-paths-for-apparmor.patch
@@ -0,0 +1,110 @@
+From 563706143779166624812b3faf498d869f5dd383 Mon Sep 17 00:00:00 2001
+Message-Id: <563706143779166624812b3faf498d869f5dd383.1547196492.git.mprivozn@redhat.com>
+From: Michal Privoznik <mprivozn@redhat.com>
+Date: Fri, 11 Jan 2019 09:41:06 +0100
+Subject: [PATCH] gentoo: fix paths for apparmor
+
+Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
+---
+ src/security/Makefile.inc.am | 10 +++++-----
+ src/security/apparmor/libvirt-qemu | 2 ++
+ ...bvirt.virt-aa-helper => usr.libexec.virt-aa-helper} | 4 ++--
+ src/security/apparmor/usr.sbin.libvirtd | 6 ++++--
+ 4 files changed, 13 insertions(+), 9 deletions(-)
+ rename src/security/apparmor/{usr.lib.libvirt.virt-aa-helper => usr.libexec.virt-aa-helper} (93%)
+
+diff --git a/src/security/Makefile.inc.am b/src/security/Makefile.inc.am
+index b24cdfd083..ae8e979b84 100644
+--- a/src/security/Makefile.inc.am
++++ b/src/security/Makefile.inc.am
+@@ -36,7 +36,7 @@ EXTRA_DIST += \
+ security/apparmor/TEMPLATE.lxc \
+ security/apparmor/libvirt-qemu \
+ security/apparmor/libvirt-lxc \
+- security/apparmor/usr.lib.libvirt.virt-aa-helper \
++ security/apparmor/usr.libexec.virt-aa-helper \
+ security/apparmor/usr.sbin.libvirtd \
+ $(NULL)
+
+@@ -90,7 +90,7 @@ endif WITH_SECDRIVER_APPARMOR
+ if WITH_APPARMOR_PROFILES
+ apparmordir = $(sysconfdir)/apparmor.d/
+ apparmor_DATA = \
+- security/apparmor/usr.lib.libvirt.virt-aa-helper \
++ security/apparmor/usr.libexec.virt-aa-helper \
+ security/apparmor/usr.sbin.libvirtd \
+ $(NULL)
+
+@@ -110,11 +110,11 @@ APPARMOR_LOCAL_DIR = "$(DESTDIR)$(apparmordir)/local"
+ install-apparmor-local:
+ $(MKDIR_P) "$(APPARMOR_LOCAL_DIR)"
+ echo "# Site-specific additions and overrides for \
+- 'usr.lib.libvirt.virt-aa-helper'" \
+- >"$(APPARMOR_LOCAL_DIR)/usr.lib.libvirt.virt-aa-helper"
++ 'usr.libexec.virt-aa-helper'" \
++ >"$(APPARMOR_LOCAL_DIR)/usr.libexec.virt-aa-helper"
+
+ uninstall-apparmor-local:
+- rm -f "$(APPARMOR_LOCAL_DIR)/usr.lib.libvirt.virt-aa-helper"
++ rm -f "$(APPARMOR_LOCAL_DIR)/usr.libexec.virt-aa-helper"
+ rmdir "$(APPARMOR_LOCAL_DIR)" || :
+
+ INSTALL_DATA_LOCAL += install-apparmor-local
+diff --git a/src/security/apparmor/libvirt-qemu b/src/security/apparmor/libvirt-qemu
+index eaa5167525..9be50bbbe0 100644
+--- a/src/security/apparmor/libvirt-qemu
++++ b/src/security/apparmor/libvirt-qemu
+@@ -87,6 +87,8 @@
+ /usr/share/AAVMF/** r,
+ /usr/share/qemu-efi/** r,
+ /usr/share/slof/** r,
++ /usr/share/seavgabios/** r,
++ /usr/share/edk2-ovmf/** r,
+
+ # pki for libvirt-vnc and libvirt-spice (LP: #901272, #1690140)
+ /etc/pki/CA/ r,
+diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper b/src/security/apparmor/usr.libexec.virt-aa-helper
+similarity index 93%
+rename from src/security/apparmor/usr.lib.libvirt.virt-aa-helper
+rename to src/security/apparmor/usr.libexec.virt-aa-helper
+index de9436872c..99ab4ea527 100644
+--- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
++++ b/src/security/apparmor/usr.libexec.virt-aa-helper
+@@ -1,7 +1,7 @@
+ # Last Modified: Mon Apr 5 15:10:27 2010
+ #include <tunables/global>
+
+-profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
++profile virt-aa-helper /usr/libexec/virt-aa-helper {
+ #include <abstractions/base>
+
+ # needed for searching directories
+@@ -33,7 +33,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
+ deny /dev/mapper/ r,
+ deny /dev/mapper/* r,
+
+- /usr/{lib,lib64}/libvirt/virt-aa-helper mr,
++ /usr/libexec/virt-aa-helper mr,
+ /{usr/,}sbin/apparmor_parser Ux,
+
+ /etc/apparmor.d/libvirt/* r,
+diff --git a/src/security/apparmor/usr.sbin.libvirtd b/src/security/apparmor/usr.sbin.libvirtd
+index f0ffc53008..8a402bd6ec 100644
+--- a/src/security/apparmor/usr.sbin.libvirtd
++++ b/src/security/apparmor/usr.sbin.libvirtd
+@@ -98,8 +98,10 @@
+ audit deny /sys/kernel/security/apparmor/.* rwxl,
+ /sys/kernel/security/apparmor/profiles r,
+ /usr/{lib,lib64}/libvirt/* PUxr,
+- /usr/{lib,lib64}/libvirt/libvirt_parthelper ix,
+- /usr/{lib,lib64}/libvirt/libvirt_iohelper ix,
++ /usr/libexec/virt-aa-helper PUxr,
++ /usr/libexec/libvirt_lxc PUxr,
++ /usr/libexec/libvirt_parthelper ix,
++ /usr/libexec/libvirt_iohelper ix,
+ /etc/libvirt/hooks/** rmix,
+ /etc/xen/scripts/** rmix,
+
+--
+2.19.2
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-27 16:14:24 +0000