[apparmor] openSUSE profile patches - part 2

Jamie Strandboge jamie at canonical.com
Tue Aug 9 01:10:03 UTC 2011


On Mon, 2011-08-08 at 13:27 -0700, Steve Beattie wrote:
> Once again, comments inline.
> 
> On Sat, Aug 06, 2011 at 02:30:52PM +0200, Christian Boltz wrote:
> > Various profile fixes/additions
> > From: Jeff Mahoney <jeffm at suse.com>
> > Subject: dnsmasq: Profile fixes
> > References: bnc#666090 bnc#678749
> > 
> > Signed-off-by: Jeff Mahoney <jeffm at suse.com>
> > 
> > Updated to match master by
> > Christian Boltz <apparmor at cboltz.de>
> > ---
> >  profiles/apparmor.d/usr.sbin.dnsmasq |    4 ++++
> >  1 file changed, 4 insertions(+)
> > 
> > --- a/profiles/apparmor.d/usr.sbin.dnsmasq
> > +++ b/profiles/apparmor.d/usr.sbin.dnsmasq
> >  
> > @@ -40,6 +42,8 @@
> >    # libvirt pid files for dnsmasq
> >    /{,var/}run/libvirt/network/      r,
> >    /{,var/}run/libvirt/network/*.pid rw,
> > +  /var/lib/libvirt/dnsmasq/            r,
> > +  /var/lib/libvirt/dnsmasq/*.hostsfile r,
> 
> I think this is okay, but I'm not that knowledgeable about the
> interaction between dnsmasq and libvirt.
> 
ACK. In fact, I added something very similar in trunk's 1748. The added
policy is good but think it would be clearer if we could keep all
the /var/lib/libvirt/dnsmasq rules together (along with updating the
comment added in 1748).

-- 
Jamie Strandboge             | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110808/b1e04bf2/attachment-0001.pgp>


More information about the AppArmor mailing list