Attachment #873970 for bug #1221840

View | Details | Raw Unified | Return to bug 1221840
Collapse All | Expand All

Lines 27-32 Link Here

(-)a/contrib/apparmor/abstractions/passt (+1 lines)
27		27
28	/ r, # isolate_prefork(), isolation.c	28	/ r, # isolate_prefork(), isolation.c
29	mount options=(rw, runbindable) /,	29	mount options=(rw, runbindable) /,
		30	mount "" -> "/",
30	mount "" -> "/tmp/",	31	mount "" -> "/tmp/",
31	pivot_root "/tmp/" -> "/tmp/",	32	pivot_root "/tmp/" -> "/tmp/",
32	umount "/",	33	umount "/",

Lines 27-33 Link Here

(-)a/contrib/apparmor/abstractions/pasta (-1 / +1 lines)
27	@{PROC}/@{pid}/net/udp r,	27	@{PROC}/@{pid}/net/udp r,
28	@{PROC}/@{pid}/net/udp6 r,	28	@{PROC}/@{pid}/net/udp6 r,
29		29
30	@{run}/user/@{uid}/netns/* r, # pasta_open_ns(), pasta.c	30	@{run}/user/@{uid}/** r, # pasta_open_ns(), pasta.c
31		31
32	@{PROC}/[0-9]*/ns/net r, # pasta_wait_for_ns(),	32	@{PROC}/[0-9]*/ns/net r, # pasta_wait_for_ns(),
33	@{PROC}/[0-9]*/ns/user r, # conf_pasta_ns()	33	@{PROC}/[0-9]*/ns/user r, # conf_pasta_ns()

Return to bug 1221840