Add profile for tinydns

Seth Arnold seth.arnold at gmail.com
Sun Jun 13 02:03:50 BST 2010


On Tue, Jun 8, 2010 at 9:40 AM, Steve Beattie <sbeattie at ubuntu.com> wrote:
> On Tue, Jun 08, 2010 at 10:39:33AM -0500, Jamie Strandboge wrote:
>> Seth Arnold submitted[1] an AppArmor profile for tinydns[2]:

ObNitpick: tinyproxy

>> > Not being a tinydns user, the profile looks ok to me, though I might
>> > suggest the following (untested) refinements:
>> >
>> >   @{HOME}/tinyproxy/ r,
>>
>> I think this should be @{HOMEDIRS}/tinyproxy/ r,

Agreed. Thanks.

> I suspect the latter is correct.  Seth, is this
> entry based on adding a tinyproxy user as a fix for
> https://bugs.launchpad.net/ubuntu/+source/tinyproxy/+bug/590634
> and/or do you know what tinyproxy is doing there (looks like just
> a readdir())?

Steve is correct, I created a tinyproxy user for my tinyproxy service,
and generated a profile to reflect that. I don't think tinyproxy does
anything useful with its home directory in my configuration, but it
can be configured to give back per-error-code HTML pages with variable
interpolation for 301, 302, .. 403, 404, ... and so forth. Storing
those pages in its home directory would make sense.



More information about the AppArmor mailing list