[apparmor] [patch] make tftp server for dnsmasq working
Christian Boltz
apparmor at cboltz.de
Fri Apr 6 23:00:06 UTC 2012
Hello,
Am Freitag, 6. April 2012 schrieb Steve Beattie:
> On Fri, Apr 06, 2012 at 03:21:39PM +0200, Christian Boltz wrote:
> > If tftp server for dnsmasq is configured it won't serve the boot
> > file. This patch adds read permissions for /srv/tftpboot/
> >
> > References: https://bugzilla.novell.com/show_bug.cgi?id=738905
> >
> > I propose this patch for trunk and the 2.7 branch.
>
> NACK, that's what the @{TFTP_DIR} variable definition at the top of
> the profile is for.
Good catch - I overlooked this variable.
> (We can argue about what the default setting for that variable ought
> to be...)
I'll try to argue with an updated patch ;-) and still propose it for
trunk and the 2.7 branch.
=== modified file 'profiles/apparmor.d/usr.sbin.dnsmasq'
--- profiles/apparmor.d/usr.sbin.dnsmasq
+++ profiles/apparmor.d/usr.sbin.dnsmasq
@@ -9,7 +9,7 @@
#
# ------------------------------------------------------------------
-@{TFTP_DIR}=/var/tftp
+@{TFTP_DIR}=/var/tftp /srv/tftpboot
#include <tunables/global>
/usr/sbin/dnsmasq {
Regards,
Christian Boltz
--
> good luck,
Usually "good luck" is going together with "as I told you before" :)
[> Greg KH and Johannes Nohl in opensuse-project]
More information about the AppArmor
mailing list