[apparmor] openSUSE profile patches - part 2
Steve Beattie
steve at nxnw.org
Tue Aug 9 08:16:49 UTC 2011
On Mon, Aug 08, 2011 at 09:10:03PM -0400, Jamie Strandboge wrote:
> On Mon, 2011-08-08 at 13:27 -0700, Steve Beattie wrote:
> > On Sat, Aug 06, 2011 at 02:30:52PM +0200, Christian Boltz wrote:
> > > Various profile fixes/additions
> > > From: Jeff Mahoney <jeffm at suse.com>
> > > Subject: dnsmasq: Profile fixes
> > > References: bnc#666090 bnc#678749
> > >
> > > Signed-off-by: Jeff Mahoney <jeffm at suse.com>
> > >
> > > Updated to match master by
> > > Christian Boltz <apparmor at cboltz.de>
> > > ---
> > > profiles/apparmor.d/usr.sbin.dnsmasq | 4 ++++
> > > 1 file changed, 4 insertions(+)
> > >
> > > --- a/profiles/apparmor.d/usr.sbin.dnsmasq
> > > +++ b/profiles/apparmor.d/usr.sbin.dnsmasq
> > >
> > > @@ -40,6 +42,8 @@
> > > # libvirt pid files for dnsmasq
> > > /{,var/}run/libvirt/network/ r,
> > > /{,var/}run/libvirt/network/*.pid rw,
> > > + /var/lib/libvirt/dnsmasq/ r,
> > > + /var/lib/libvirt/dnsmasq/*.hostsfile r,
> >
> > I think this is okay, but I'm not that knowledgeable about the
> > interaction between dnsmasq and libvirt.
> >
> ACK. In fact, I added something very similar in trunk's 1748. The added
> policy is good but think it would be clearer if we could keep all
> the /var/lib/libvirt/dnsmasq rules together (along with updating the
> comment added in 1748).
Ah, missed that, thanks Jamie. Christian, can you move the rule and
update the comment as Jamie suggests? I'm happy to pre-authorize an ACK
for that.
Thanks Christian and Jamie!
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110809/a774cb7b/attachment.pgp>
More information about the AppArmor
mailing list