apparmor profile for libvirtd should be in enforce mode
Bug #427338 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libvirt (Ubuntu) |
Fix Released
|
Medium
|
Jamie Strandboge |
Bug Description
libvirt-bin currently ships with a complain mode profile. This was done to work around kernel bug #401931
and bug #408454. These bugs were fixed in the 2.6.31-10 kernel and the libvirtd profile should be updated to enforcing. Please note that the libvirtd profile is a lenient profile and does *not* affect the confinement mode of virtual machines (this is controlled by /etc/apparmor.
Related branches
Changed in libvirt (Ubuntu): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in libvirt (Ubuntu): | |
status: | In Progress → Triaged |
To post a comment you must log in.
This bug was fixed in the package libvirt - 0.7.0-1ubuntu5
---------------
libvirt (0.7.0-1ubuntu5) karmic; urgency=low
* debian/ apparmor/ usr.sbin. libvirtd: switch to enforcing by default. Please d/libvirt/ TEMPLATE) was already in enforcing mode. README. Debian: update AppArmor section based on the upstream
note that this was only in complain mode temporarily to work around kernel
bugs in the 2.6.31-9 kernel. Confinement of virtual machines (controlled
by /etc/apparmor.
(LP: #427338)
* debian/
documentation
-- Jamie Strandboge <email address hidden> Thu, 10 Sep 2009 08:05:45 -0500