AppArmor policy update for NVMeoF
When using NVMeoF feature with nova-compute apparmor in enforce mode, nova-compute is denied from running /usr/sbin/nvme and /usr/sbin/blkid, and reading /etc/nvme/hostnqn. Change-Id: Ia23fbf341d5b7ad469337d8a0c65c18ec519a891 Closes-Bug: #2039161 (cherry picked from commit0f9c730817
) (cherry picked from commit557c47f37b
)
This commit is contained in:
parent
2804532c6d
commit
c41b443548
|
@ -166,4 +166,7 @@
|
|||
/etc/magic r,
|
||||
/sys/devices/virtual/dmi/** r,
|
||||
/usr/sbin/dmidecode rix,
|
||||
/usr/sbin/blkid rix,
|
||||
/usr/sbin/nvme rix,
|
||||
/etc/nvme/hostnqn r,
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue