Ubuntu
virt-manager package

  1. Bug #1074207
  2. Comment #18

Comment 18 for bug 1074207

Revision history for this message
Steve Langasek (vorlon) wrote : Re: [Bug 1074207] Re: please add support for configuring ovmf via use of qemu -L option

On Fri, Jan 18, 2013 at 10:07:10PM -0000, Serge Hallyn wrote:
> @Jamie,

> do you think we should whitelist /**/OVMF.Fd, whitelist
> /usr/share/qemu/**, or are you suggesting something different (in
> comments #16 and #8)?

At present we have the following in
/etc/apparmor.d/abstractions/libvirt-qemu:

  # access to firmware's etc
  /usr/share/kvm/** r,
  /usr/share/qemu/** r,
  /usr/share/bochs/** r,
  /usr/share/openbios/** r,
  /usr/share/openhackware/** r,
  /usr/share/proll/** r,
  /usr/share/vgabios/** r,
  /usr/share/seabios/** r,

assuming ovmf is handled consistently to the other bioses, we probably want
'/usr/share/ovmf/** r' added to this list, with a symlink from
/usr/share/ovmf/OVMF.fd to /usr/share/qemu/OVMF.fd.