openstack
/
charm-nova-compute
Code Issues Proposed changes

Merge "Add multipath to nova-compute AppArmor profile"

This commit is contained in:
Zuul 2019-05-16 11:14:35 +00:00 committed by Gerrit Code Review
parent 96b5e8a249 40914493c7
commit 95d117ab24
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
templates/usr.bin.nova-compute
View File

@ -31,6 +31,8 @@
/bin/* rix,
/dev/disk/** r,
/dev/disk/by-id/* r,
/dev/mapper/control wr,
/dev/nbd* rw,
/dev/tty rw,
/dev/pts/* r,
@ -43,14 +45,19 @@
/etc/modprobe.d/ r,
/etc/modprobe.d/** r,
/etc/mtab rw,
/etc/multipath/bindings wr,
/etc/multipath/wwids wr,
/etc/nova/** r,
/etc/ssh/ssh_config r,
/etc/ssl/openssl.cnf r,
/etc/sudoers r,
/etc/sudoers.d/ r,
/etc/sudoers.d/* r,
/etc/udev/udev.conf r,
/proc/*/cmdline r,
/proc/cmdline r,
/proc/devices r,
/proc/sys/fs/nr_open r,
/proc/sys/net/ipv6/conf/** w,
/proc/*/task/*/comm wr,
/proc/*/fd/ r,
@ -76,6 +83,8 @@
/sbin/hdparm rix,
/sbin/xtables-multi rix,
/sbin/mkswap rix,
/sbin/multipath rix,
/sbin/multipathd rix,
/sys/block/ r,
/sys/class/fc_host/{,**} r,
/sys/class/iscsi_host/ r,
@ -91,6 +100,7 @@
/sys/devices/system/cpu/** r,
/sys/devices/system/node/ r,
/sys/devices/system/node/** r,
/sys/devices/virtual/block/dm*/ r,
/sys/devices/virtual/block/nbd*/ r,
/sys/devices/virtual/iscsi_transport/** r,
/sys/devices/virtual/net/** w,