[apparmor] [PATCH] p11-kit abstraction update
Steve Beattie
steve at nxnw.org
Tue Jan 17 23:25:11 UTC 2012
On Tue, Jan 17, 2012 at 07:59:30AM -0600, Jamie Strandboge wrote:
> A bug in Ubuntu[1] was reported regarding mmap denials for pkcs library
> files. This patch updates the p11-kit abstraction to have:
> /usr/lib{,32,64}/pkcs11/*.so mr,
> /usr/lib/@{multiarch}/pkcs11/*.so mr,
>
> [1]https:/launchpad.net/bugs/917639
Acked-By: Steve Beattie <sbeattie at ubuntu.com> for both trunk and the 2.7
branch. Thanks!
> ------------------------------------------------------------
> revno: 1929
> committer: Jamie Strandboge <jamie at canonical.com>
> branch nick: apparmor-trunk
> timestamp: Tue 2012-01-17 07:39:49 -0600
> message:
> update p11-kit to allow mmap of libraries in pkcs directories
> diff:
> === modified file 'profiles/apparmor.d/abstractions/p11-kit'
> --- profiles/apparmor.d/abstractions/p11-kit 2012-01-06 17:45:44 +0000
> +++ profiles/apparmor.d/abstractions/p11-kit 2012-01-17 13:39:49 +0000
> @@ -13,6 +13,9 @@
> /etc/pkcs11/modules/ r,
> /etc/pkcs11/modules/* r,
>
> + /usr/lib{,32,64}/pkcs11/*.so mr,
> + /usr/lib/@{multiarch}/pkcs11/*.so mr,
> +
> # p11-kit also supports reading user configuration from ~/.pkcs11 depending
> # on how /etc/pkcs11/pkcs11.conf is configured. This should generally not be
> # included in this abstraction.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120117/f90737d1/attachment.pgp>
More information about the AppArmor
mailing list