Skip to content

Commit

Permalink
Merge pull request #949 from stgraber/main
Browse files Browse the repository at this point in the history 
incusd/apparmor: Update for current QEMU
  • Loading branch information
@hallyn
hallyn authored Jun 21, 2024
2 parents 2bbcd64 + d06441c commit 4669531
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 0 deletions.
1 change: 1 addition & 0 deletions internal/server/apparmor/instance_qemu.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
/etc/ceph/** r,
/etc/machine-id r,
/run/udev/data/* r,
/proc/sys/vm/max_map_count r,
/sys/bus/ r,
/sys/bus/nd/devices/ r,
/sys/bus/usb/devices/ r,
Expand Down
4 changes: 4 additions & 0 deletions internal/server/apparmor/qemuimg.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,11 @@ profile "{{ .name }}" flags=(attach_disconnected,mediate_deleted) {
capability dac_read_search,
capability ipc_lock,
/proc/sys/vm/max_map_count r,
/sys/devices/**/block/*/queue/max_segments r,
/sys/devices/**/block/*/zoned r,
/sys/devices/system/node r,
/sys/devices/system/node/** r,
{{range $index, $element := .allowedCmdPaths}}
{{$element}} mixr,
Expand Down

0 comments on commit 4669531

Please sign in to comment.