1 files changed, 0 insertions, 118 deletions

diff --git a/app-emulation/libvirt/files/libvirt-3.10.0-fix_paths_for_apparmor.patch b/app-emulation/libvirt/files/libvirt-3.10.0-fix_paths_for_apparmor.patch
deleted file mode 100644
index 0e386c1..0000000
--- a/app-emulation/libvirt/files/libvirt-3.10.0-fix_paths_for_apparmor.patch
+++ /dev/null
@@ -1,118 +0,0 @@
-diff --git a/examples/Makefile.am b/examples/Makefile.am
-index ef2f79d..d8cdb9b 100644
---- a/examples/Makefile.am
-+++ b/examples/Makefile.am
-@@ -23,7 +23,7 @@ EXTRA_DIST = \
- 	apparmor/TEMPLATE.lxc \
- 	apparmor/libvirt-qemu \
- 	apparmor/libvirt-lxc \
--	apparmor/usr.lib.libvirt.virt-aa-helper \
-+	apparmor/usr.libexec.virt-aa-helper \
- 	apparmor/usr.sbin.libvirtd \
- 	lxcconvert/virt-lxc-convert \
- 	polkit/libvirt-acl.rules \
-@@ -70,7 +70,7 @@ admin_logging_SOURCES = admin/logging.c
- if WITH_APPARMOR_PROFILES
- apparmordir = $(sysconfdir)/apparmor.d/
- apparmor_DATA = \
--	apparmor/usr.lib.libvirt.virt-aa-helper \
-+	apparmor/usr.libexec.virt-aa-helper \
- 	apparmor/usr.sbin.libvirtd \
- 	$(NULL)
- 
-diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu
-index d4fad85..0b22009 100644
---- a/examples/apparmor/libvirt-qemu
-+++ b/examples/apparmor/libvirt-qemu
-@@ -86,6 +86,8 @@
-   /usr/share/AAVMF/** r,
-   /usr/share/qemu-efi/** r,
-   /usr/share/slof/** r,
-+  /usr/share/seavgabios/** r,
-+  /usr/share/edk2-ovmf/** r,
- 
-   # access PKI infrastructure
-   /etc/pki/libvirt-vnc/** r,
-diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
-deleted file mode 100644
-index bd6181d..0000000
---- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
-+++ /dev/null
-@@ -1,60 +0,0 @@
--# Last Modified: Mon Apr  5 15:10:27 2010
--#include <tunables/global>
--
--profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
--  #include <abstractions/base>
--
--  # needed for searching directories
--  capability dac_override,
--  capability dac_read_search,
--
--  # needed for when disk is on a network filesystem
--  network inet,
--  network inet6,
--
--  deny @{PROC}/[0-9]*/mounts r,
--  @{PROC}/[0-9]*/net/psched r,
--  owner @{PROC}/[0-9]*/status r,
--  @{PROC}/filesystems r,
--
--  /etc/libnl-3/classid r,
--
--  # for hostdev
--  /sys/devices/ r,
--  /sys/devices/** r,
--  deny /dev/sd* r,
--  deny /dev/vd* r,
--  deny /dev/dm-* r,
--  deny /dev/drbd[0-9]* r,
--  deny /dev/dasd* r,
--  deny /dev/nvme* r,
--  deny /dev/zd[0-9]* r,
--  deny /dev/mapper/ r,
--  deny /dev/mapper/* r,
--
--  /usr/{lib,lib64}/libvirt/virt-aa-helper mr,
--  /{usr/,}sbin/apparmor_parser Ux,
--
--  /etc/apparmor.d/libvirt/* r,
--  /etc/apparmor.d/libvirt/libvirt-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]* rw,
--
--  # for backingstore -- allow access to non-hidden files in @{HOME} as well
--  # as storage pools
--  audit deny @{HOME}/.* mrwkl,
--  audit deny @{HOME}/.*/ rw,
--  audit deny @{HOME}/.*/** mrwkl,
--  audit deny @{HOME}/bin/ rw,
--  audit deny @{HOME}/bin/** mrwkl,
--  @{HOME}/ r,
--  @{HOME}/** r,
--  /var/lib/libvirt/images/ r,
--  /var/lib/libvirt/images/** r,
--  /{media,mnt,opt,srv}/** r,
--
--  /**.img r,
--  /**.qcow{,2} r,
--  /**.qed r,
--  /**.vmdk r,
--  /**.[iI][sS][oO] r,
--  /**/disk{,.*} r,
--}
-diff --git a/examples/apparmor/usr.sbin.libvirtd b/examples/apparmor/usr.sbin.libvirtd
-index 8d61d15..656a559 100644
---- a/examples/apparmor/usr.sbin.libvirtd
-+++ b/examples/apparmor/usr.sbin.libvirtd
-@@ -84,8 +84,10 @@
-   audit deny /sys/kernel/security/apparmor/.* rwxl,
-   /sys/kernel/security/apparmor/profiles r,
-   /usr/{lib,lib64}/libvirt/* PUxr,
--  /usr/{lib,lib64}/libvirt/libvirt_parthelper ix,
--  /usr/{lib,lib64}/libvirt/libvirt_iohelper ix,
-+  /usr/libexec/virt-aa-helper PUxr,
-+  /usr/libexec/libvirt_lxc PUxr,
-+  /usr/libexec/libvirt_parthelper ix,
-+  /usr/libexec/libvirt_iohelper ix,
-   /etc/libvirt/hooks/** rmix,
-   /etc/xen/scripts/** rmix,
-