openkylin
/
libvirt
mirror of https://gitee.com/openkylin/libvirt.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

apparmor: Allow some more BIOS/UEFI paths 

There are two more paths that we are missing in the default
domain profile: /usr/share/edk2-ovmf/ and /usr/share/sgabios/.
These exist on my Gentoo box and contain UEFI and BIOS images
respectively.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
This commit is contained in:
Michal Privoznik 2020-01-25 09:38:53 +01:00
parent 07af71ad99
commit 8f204fb4da
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/security/apparmor/libvirt-qemu
View File

@ -75,6 +75,7 @@
# access to firmware's etc
/usr/share/AAVMF/** r,
/usr/share/bochs/** r,
/usr/share/edk2-ovmf/** r,
/usr/share/kvm/** r,
/usr/share/misc/sgabios.bin r,
/usr/share/openbios/** r,
@ -86,6 +87,7 @@
/usr/share/qemu-kvm/** r,
/usr/share/qemu/** r,
/usr/share/seabios/** r,
/usr/share/sgabios/** r,
/usr/share/slof/** r,
/usr/share/vgabios/** r,