AppArmor policy update for NVMeoF
When using NVMeoF feature with nova-compute apparmor in enforce
mode, nova-compute is denied from running /usr/sbin/nvme and
/usr/sbin/blkid, and reading /etc/nvme/hostnqn.
Change-Id: Ia23fbf341d5b7ad469337d8a0c65c18ec519a891
Closes-Bug: #2039161
(cherry picked from commit 0f9c730817
)
This commit is contained in:
parent
cb1cdec0a6
commit
557c47f37b
|
@ -166,4 +166,7 @@
|
|||
/etc/magic r,
|
||||
/sys/devices/virtual/dmi/** r,
|
||||
/usr/sbin/dmidecode rix,
|
||||
/usr/sbin/blkid rix,
|
||||
/usr/sbin/nvme rix,
|
||||
/etc/nvme/hostnqn r,
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue