File c264eea-virt-aa-helper-sandbox.patch of Package libvirt.11695

From c264eeaa381a917f01ba74526bf202073358a9dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
Date: Thu, 20 Nov 2014 11:32:38 +0100
Subject: [PATCH 2/5] virt-aa-helper: /etc/libvirt-sandbox/services isn't
 restricted

To get virt-sandbox-service working with AppArmor, virt-aa-helper
needs not to choke on path in /etc/libvirt-sandbox/services.
---
 src/security/virt-aa-helper.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Index: libvirt-1.2.5/src/security/virt-aa-helper.c
===================================================================
--- libvirt-1.2.5.orig/src/security/virt-aa-helper.c
+++ libvirt-1.2.5/src/security/virt-aa-helper.c
@@ -559,7 +559,8 @@ valid_path(const char *path, const bool
     };
     /* override the above with these */
     const char * const override[] = {
-        "/sys/devices/pci"	/* for hostdev pci devices */
+        "/sys/devices/pci",	/* for hostdev pci devices */
+        "/etc/libvirt-sandbox/services/" /* for virt-sandbox service config */
     };
 
     if (path == NULL) {