registry team mailing list archive
-
registry team
-
Mailing list archive
-
Message #05256
[Bug 457716] Re: apparmor denies save and restore
This bug was fixed in the package libvirt - 0.8.1-2ubuntu1
---------------
libvirt (0.8.1-2ubuntu1) maverick; urgency=low
* Merge from debian unstable. Remaining changes:
- Fixes:
LP: #522845
LP: #553737
LP: #520386
- debian/control:
+ Build-Depends on qemu-kvm, not qemu
+ Build-Depends on open-iscsi-utils, not open-iscsi
+ Build-Depends on libxml2-utils
+ Build-Depends on libapparmor-dev and Suggests apparmor
+ Bump bridge-utils, dnsmasq-base, netcat-openbsd, and iptables
to Depends of libvirt-bin
+ Drop qemu-kvm and qemu to Suggests
+ We call libxen-dev libxen3-dev, so change all references
+ Rename Vcs-* to XS-Debian-Vcs-*
- debian/libvirt-bin.postinst:
+ rename the libvirt group to libvirtd
+ add each admin user to the libvirtd group
+ reload apparmor profiles
- debian/libvirt-bin.postrm:
+ rename the libvirt group to libvirtd
+ remove apparmor symlinks on purge
- debian/README.Debian: add AppArmor section based on the upstream
documentation
- debian/rules:
+ update DEB_DH_INSTALLINIT_ARGS for upstart
+ add DEB_MAKE_CHECK_TARGET := check
+ use --with-apparmor
+ copy apparmor and apport hook to debian/tmp
- add debian/libvirt-bin.upstart
- debian/libvirt-bin.dirs: add /etc/apparmor.d/abstractions,
/etc/apparmor.d/disable, /etc/apparmor.d/force-complain,
/etc/apparmor.d/libvirt, /etc/cron.daily and
/usr/share/apport/package-hooks
- add debian/libvirt-bin.cron.daily
- add debian/libvirt-bin.apport
- debian/libvirt-bin.install: install apparmor profiles, abstractions
and apport hook
- debian/apparmor:
- add TEMPLATE
- add libvirt-qemu abstraction
- add usr.lib.libvirt.virt-aa-helper
- add usr.sbin.libvirtd
- debian/patches/series:
+ don't apply 0002-qemu-disable-network.diff.patch
+ don't apply 0005-Terminate-nc-on-EOF.patch. Use
9010-autodetect-nc-params.patch instead
+ 9000-delayed_iff_up_bridge.patch (refreshed)
+ 9001-dont_clobber_existing_bridges.patch
+ 9002-better_default_uri_virsh.patch (updated)
+ 9004-better-default-arch.patch
+ 9005-libvirtd-group-name.patch
+ 9006-increase-unix-socket-timeout.patch (refreshed)
+ 9007-default-config-test-case.patch (updated)
+ 9008-fix-daemon-conf-ftbfs.patch (rewritten)
+ 9009-run-as-root-by-default.patch (refreshed)
+ 9010-autodetect-nc-params.patch (refreshed, formerly 9015)
+ 9011-dont-disable-ipv6.patch (updated)
* Dropped following packaging changes, no longer required with upgrades
from Lucid:
- debian/control:
+ versioned Conflicts/Replaces to libvirt0 for libvirt0-dbg
+ remove Build-Depends on libcap-ng-dev
- debian/libvirt-bin.postinst: virt-aa-helper profile migration to
/usr/lib/libvirt
- debian/libvirt-bin.preinst: added to force complain on certain
upgrades
* Dropped the following patches, included upstream:
- 0010-Use-base-16-for-product-vendor.patch
- 9003-increase-logoutput-timeout.patch
- 9010-apparmor-ftbfs.patch
- 9011-node_device_driver.patch
- 9012-dont-crash-on-restart.patch
- 9013-apparmor-dont-clear-caps.patch
- 9014-apparmor-remove-unloaded-profile-is-not-fatal.patch
- 9016-disk-cache-setting-xml.patch
- 9018-fix-pty-console.patch
- 9019-apparmor-fix-xauth.patch
- 9020-apparmor-fix-backingstore.patch
- 9021-apparmor-fix-hostdev.patch
- 9022-dont-leak-log-fd.path.patch
- 9023-virt-pki-validate_fixes.patch
- 9024-free-memory-for-invalid-devices.patch (use
0008-Fix-leaks-in-udev-device-add-remove.patch from Debian)
* debian/apparmor/usr.lib.libvirt.virt-aa-helper: allow access to ecryptfs
files (LP: #591769)
* debian/patches/9012-fix-nodeinfotest-ftbfs.patch: fix FTBFS in
nodeinfotest. Drop in 0.8.2.
* debian/patches/9013-apparmor-lp457716.patch: properly support/save and
restore (LP: #457716). Drop in 0.8.2.
* debian/apparmor/libvirt-qemu: remove workaround for LP: #457716
* don't create and run ebtables script in /tmp:
- debian/apparmor/usr.sbin.libvirt: allow ixr to /var/lib/libvirt/virtd*
for new ebtables functionality added in 0.8.0
- debian/patches/9014-move-ebtables-script.patch: update
nwfilter_ebiptables_driver.c /var/lib/libvirt to use /var/lib/libvirt
instead of /tmp
libvirt (0.8.1-2) unstable; urgency=low
* [41aea79] Drop patchsys-quilt since this package is 3.0 (quilt) now.
(Closes: #577919)
* [978e3c9] libvirt-bin.init: export PATH. (Closes: #584333)
* [e4f0869] virt-xml-validate needs xmllint from libxml2-utils.
(Closes: #584869)
* [bba6d72] New patch 0008-Fix-leaks-in-udev-device-add-remove.patch:
Fix leaks in udev device add/remove. (Closes: #582965) - thanks to
Nigel Jones for forwarding this
libvirt (0.8.1-1) unstable; urgency=low
* [647cbd6] Imported Upstream version 0.8.1
* fixes spurious syslog messages (Closes: #565275)
* sysfs USB class parsing (Closes: #579208)
* virsh honors $VISUAL (Closes: #574415)
* [fecd1b9] Update libvirt symbols to 0.8.1
* [3e58e0b] Drop patches merged upstream:
* 0007-nwfilter-Don-t-crash-if-driverState-NULL.patch
* 0008-Ignore-empty-type-statement-in-disk-element.patch
* [561ab2e] New patch:
* 0007-patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch:
make qemuMonitorTextGetMigrationStatus to intercept unknown
command 'info migrate' (Closes: #574272) - thanks to Andreas Bießmann
* [aeda8ea] Enanble macvtap support
libvirt (0.8.0-2) unstable; urgency=low
* [70fbcb6] New patch 0007-nwfilter-Don-t-crash-if-driverState- NULL.patch
nwfilter: Don't crash if driverState == NULL (Closes: #577728)
* [d7d1abd] New patch 0008-Ignore-empty-type-statement-in-disk-
element.patch Ignore empty type statement in disk element
(Closes: #578347)
libvirt (0.8.0-1) unstable; urgency=low
* Imported Upstream version 0.8.0
* Drop patches.
* Update libvirt0 symbols.
* Switch to new source format 3.0 (quilt).
libvirt (0.7.7-4) unstable; urgency=low
[ Guido Günther ]
* [cf4919c] Recommend either qemu-kvm or qemu
[ Laurent Léonard ]
* [1b12f02] Change libparted1.8-dev build dependency to libparted0- dev.
(Closes: #574906)
libvirt (0.7.7-3) unstable; urgency=low
* The "fix all those crashes" release
* [f74e13a] Explicitly disable hal (Closes: #574177)
* [21ef92b] New patch 0009-security-Set-permissions-for-kernel- initrd.patch
security: Set permissions for kernel/initrd (Closes: #574241) - thanks to
Cole Robinson
* [b69d3cc] Revert "Enable NUMA support" since it breaks the python
bindings.
* [5f2ca4a] New patch 0010-Don-t-crash-without-a-security-driver.patch Don't
crash without a security driver (Closes: #574359)
libvirt (0.7.7-2) unstable; urgency=low
[ Guido Günther ]
* [b350683] Enable parallel build
* [b2a6aab] Enable NUMA support
* [13274cf] New patch 0007-Work-around-broken-linux-socket.h.patch
Work around broken linux/socket.h
[ Laurent Léonard ]
* [3c12caf] qemu: Fix USB by product with security enabled.
libvirt (0.7.7-1) unstable; urgency=low
* [f944460] Imported Upstream version 0.7.7
* [bd457cc] Redo patches.
* [098d1d3] Update libvirt0 symbols.
libvirt (0.7.6-2) unstable; urgency=low
* [72790fc] Drop hal dependency We're using udev for device enumeration.
* [ce225c4][11cc6e9] New patch
0006-Don-t-drop-caps-when-exec-ing-qemu.patch: Don't drop caps when
exec'ing qemu. Instead of disabling libcap-ng better exclude this one exec
so we get the additional security for the rest of the calls. Makes
interface type="network" work again. (Closes: #565767)
libvirt (0.7.6-1) unstable; urgency=low
* [0229557] Imported Upstream version 0.7.6
* [6fdc00b] Drop patches.
* [1b0670b] Update libvirt0 symbols.
libvirt (0.7.5-6) unstable; urgency=low
[ Laurent Léonard ]
* [a3b98c9] Don't free an uninitalized pointer in update_driver_name()
(Closes: #565983) - thanks to Matthias Bolte
* [719976d] Handle only official releases in debian/watch.
* [83902d9] Bump Standards-Version to 3.8.4.
[ Guido Günther ]
* [959640d] New patch 0011-Fix-parsing-of-info-chardev-line-
endings.patch Fix parsing of 'info chardev' line endings (Closes:
#567818) - thanks to Matthew Booth
[ Laurent Léonard ]
* [0b2a9dd] Add $remote_fs to Required-Start and Required-Stop in
libvirt-bin init script.
-- Jamie Strandboge <jamie@xxxxxxxxxx> Wed, 16 Jun 2010 14:22:39 -0500
** Changed in: libvirt (Ubuntu Maverick)
Status: In Progress => Fix Released
--
apparmor denies save and restore
https://bugs.launchpad.net/bugs/457716
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Fedora.