AppArmor policy update for NVMeoF
When using NVMeoF feature with nova-compute apparmor in enforce mode, nova-compute is denied from running /usr/sbin/nvme and /usr/sbin/blkid, and reading /etc/nvme/hostnqn. Change-Id: Ia23fbf341d5b7ad469337d8a0c65c18ec519a891 Closes-Bug: #2039161 (cherry picked from commit0f9c730817
) (cherry picked from commit557c47f37b
)
This commit is contained in:
parent
2804532c6d
commit
c41b443548
@ -166,4 +166,7 @@
|
|||||||
/etc/magic r,
|
/etc/magic r,
|
||||||
/sys/devices/virtual/dmi/** r,
|
/sys/devices/virtual/dmi/** r,
|
||||||
/usr/sbin/dmidecode rix,
|
/usr/sbin/dmidecode rix,
|
||||||
|
/usr/sbin/blkid rix,
|
||||||
|
/usr/sbin/nvme rix,
|
||||||
|
/etc/nvme/hostnqn r,
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user