[apparmor] [patch] openSUSE profile patches - part 1

Christian Boltz apparmor at cboltz.de
Mon Aug 8 20:39:41 UTC 2011 

Hello,

@Jeff: Can you please answer Steve's questions regarding the 
apparmor-2.5.1-edirectory-profile and apparmor-2.5.1-ldapclient-profile 
patches? (I removed that part from this mail, just reply to Steve's mail 
directly.)

Am Montag, 8. August 2011 schrieb Steve Beattie:
> On Sat, Aug 06, 2011 at 01:46:28PM +0200, Christian Boltz wrote:
> > the openSUSE apparmor package contains several profile patches.
> > Jeff asked me to get them upstream ;-)
> 
> Thanks. At one point I reviewed and incorporated some of the patches
> that openSUSE is carrying, but I neglected to send feedback on why I
> didn't incorporate the ones I didn't take; sorry about that.

No problem, but be warned that there are some more patches (not related 
to profiles) left. I'll post them whenever I have some time.


> > From: Jeff Mahoney <jeffm at suse.com>
> > Subject: profile: ntpd -N needs sys_nice
> > References: bnc#657054

> Acked-By: Steve Beattie <sbeattie at ubuntu.com>

Commited to master.


> > From: Jeff Mahoney <jeffm at suse.com>
> > Subject: profiles: Add openssl abstraction
> > References: bnc#623886

> Acked-By: Steve Beattie <sbeattie at ubuntu.com>
> 
> (though a similar copyright header for the added abstraction similar
> to other abstractions would be appreciated.)

Commited to master (with copyright header in the abstraction).


> > From: Jeff Mahoney <jeffm at suse.com>
> > Subject: dhcpd: Fix apparmor profile
> > References: bnc#692428

> > Question:
> > -  /var/lib/dhcp/dhcpd.leases*  rwl,
> > +  /var/lib/dhcp/db/dhcpd.leases*       rwl,
> > 
> > Should I use {,db/} for backward compatibility? Or was the path
> > wrong from the beginning? (On openSUSE 11.4, the path with
> > .../db/... is correct, and I don't have dhcpd running on an older
> > system.)
> 
> On the current Ubuntu development release, isc-dhcp-server looks to
> use /var/lib/dhcp/dhcpd.leases*, so I'd use the backwards compatible
> option. Also note that on older Ubuntu releases, the dhcpd.leases*
> files live in /var/lib/dhcp3/.
> 
> Otherwise, this is fine.

Commited to master with
    /var/lib/dhcp/{db/,}dhcpd.leases*    rwl,

Older Ubuntu releases probably don't use master (and even if they do, it 
won't be more broken than before ;-) - therefore I didn't include the 
"dhcp3" option.


Regards,

Christian Boltz
-- 
>Und _WEHE!_ einer faengt von PHP5 an, dann bekomm ich nen Schreikrampf!
Hol schonmal Luft. Sobald das Teil in unstable auftaucht... :-)
[> David Haller und Ratti in fontlinge-devel]

More information about the AppArmor mailing list