Unfortunately 'network netlink raw' isn't finely mediated, but since this only happens on X, adding this rule to the transitional unity7 and x11 interfaces should be fine. Justification: DAC offers some protections for netlink raw on the system, most applications using X/unity7 run as non-root, X is insecure so blocking this particular rule needed by Qt on X is arguably specious, and breaking out 'netlink raw' into an interface isn't very interesting because it is entirely too general.
Unfortunately 'network netlink raw' isn't finely mediated, but since this only happens on X, adding this rule to the transitional unity7 and x11 interfaces should be fine. Justification: DAC offers some protections for netlink raw on the system, most applications using X/unity7 run as non-root, X is insecure so blocking this particular rule needed by Qt on X is arguably specious, and breaking out 'netlink raw' into an interface isn't very interesting because it is entirely too general.