[apparmor] [patch] smbd profile + smbldap-useradd
Christian Boltz
apparmor at cboltz.de
Wed Jan 4 18:43:35 UTC 2012
Hello,
when using smbldap-useradd using this smb.conf entry
add machine script = /usr/sbin/smbldap-useradd -t 5 -w "%u"
smbd obviously needs x permissions for smbldap-useradd.
The patch also adds a new profile for usr.sbin.smbldap-useradd (based on
the audit.log from alexis Pellicier).
Additionally, I moved the "/etc/samba/* rwk" rule next to the other
/etc-related rules in the smbd profile.
References: https://bugzilla.novell.com/show_bug.cgi?id=738041
I also nominate this patch for the 2.7 branch - even if it adds a new
profile, it's "just" a bugfix (and I doubt someone calls smbldap-useradd
manually).
Regards,
Christian Boltz
--
>> BTW an alle: ich weiss nicht, wie ich auf die Leser hier wirke, ich
>> kann da nur aus den Mails ableiten, aber wenn ich mal daneben liege,
>> dann will ich korrigiert werden bzw. einen Widerspruch bekommen.
> Dein Wunsch sei Dir erfüllt ;-)
*g* Danke.
[>> David Haller und > Christian Boltz in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smb.diff
Type: text/x-patch
Size: 1719 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120104/a4b9115c/attachment.bin>
More information about the AppArmor
mailing list