File 70c2933d-apparmor-named-profiles.patch of Package libvirt.9813

commit 70c2933da24dc4b004118afe2f9acaeabc42c0ad
Author: Jim Fehlig <jfehlig@suse.com>
Date:   Fri Jan 11 17:26:03 2019 -0700

    apparmor: Add support for named profiles
    
    Upstream apparmor is switching to named profiles. In short,
    
    /usr/sbin/dnsmasq {
    
    becomes
    
    profile dnsmasq /usr/sbin/dnsmasq {
    
    Consequently, any profiles that reference profiles in a peer= condition
    need to be updated if the referenced profile switches to a named profile.
    Apparmor commit 9ab45d81 switched dnsmasq to a named profile. ATM it is
    the only named profile switch that has affected libvirt. Add rules to the
    libvirtd profile to reference dnsmasq in peer= conditions by profile name.
    
    Signed-off-by: Jim Fehlig <jfehlig@suse.com>

Index: libvirt-4.0.0/examples/apparmor/usr.sbin.libvirtd
===================================================================
--- libvirt-4.0.0.orig/examples/apparmor/usr.sbin.libvirtd
+++ libvirt-4.0.0/examples/apparmor/usr.sbin.libvirtd
@@ -58,9 +58,11 @@
 
   ptrace (read,trace) peer=unconfined,
   ptrace (read,trace) peer=/usr/sbin/libvirtd,
+  ptrace (read,trace) peer=dnsmasq,
   ptrace (read,trace) peer=/usr/sbin/dnsmasq,
   ptrace (read,trace) peer=libvirt-*,
 
+  signal (send) peer=dnsmasq,
   signal (send) peer=/usr/sbin/dnsmasq,
   signal (read, send) peer=libvirt-*,
   signal (send) set=("kill") peer=unconfined,