The original bug here was fixed by changing the sub-element to
/usr/{lib,lib64,lib/qemu,libexec}/qemu-bridge-helper Cx ->
qemu_bridge_helper,
Which covers the correct path as well.
Due to that it is "now" detected correctly.
This detection puts it under the label of libvirt and that is what triggers the
new case of needing:
label=libvirtd//qemu_bridge_helper
The change above was due to:
https://libvirt.org/git/?p=libvirt.git;a=commit;h=123cc3e11c03442fd87f00a9089882ec65cffdb8
That was in 3.2 which maps to >=artful (17.10).
It fixes the original bug reported here (to get the helper confined)
But the named labelling was added later
https://libvirt.org/git/?p=libvirt.git;a=commit;h=a3ab6d42d825499af44b8f19f9299e150d9687bc
That maps to 5.1 which would be >=19.10 Eoan and reflects the latter
bug.
I think now things make sense - thanks to both of you!
I'll keep this bug even thou the original report was fixed to address
the second related issue.
** Changed in: libvirt (Ubuntu)
Status: Expired => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1655111
Title:
LibVirt Apparmor profile has qemu-bridge-helper listed in the wrong
directory
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1655111/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
