[apparmor] [patch] (u)nscd setuid/setgid to non-root user
Steve Beattie
steve at nxnw.org
Tue Aug 23 23:27:12 UTC 2011
On Wed, Aug 24, 2011 at 01:06:42AM +0200, Christian Boltz wrote:
> Am Mittwoch, 24. August 2011 schrieb Steve Beattie:
> > though it really
> > seems these ought to be using the alternatives system. OTOH, if
> > the permission set is roughly the same, not using the alternatives
> > simplifies policy management for us a bit.
>
> In case of nscd vs. unscd it is a simple Conflicts: in the specfile.
> Both work with nearly the same profile and having two different *nscd
> daemons installed at the same time is pointless. Therefore the
> Conflicts: tag looks like a good solution to me.
>
> Yes, using alternatives is probably the "technically correct"[tm]
> solution, but it also makes things more difficult.
>
> Managing the alternatives using rpm Conflicts: is "good enough"[tm]
> in this case and makes handling much easier.
>
> BTW: Does Debian or Ubuntu ship alternative *nscd daemons? If yes, how
> is it handled there?
Yes, both distros include them in their archive (Ubuntu and its
derivatives don't install either by default), and it looks they
are managed in the same way, via a Conflicts: tag.
Anyway. Thanks!
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110823/b82d4bf8/attachment.pgp>
More information about the AppArmor
mailing list