[apparmor] [PATCH] update dnsmasq profile for network manager integration
Steve Beattie
steve at nxnw.org
Tue Jan 17 23:30:26 UTC 2012
On Tue, Jan 17, 2012 at 07:56:18AM -0600, Jamie Strandboge wrote:
> In Ubuntu 12.04, NetworkManager will spawn a dnsmasq non-caching local
> resolver specifying a dnsmasq conffile of /var/run/nm-dns-dnsmasq.conf.
> This updates the profile to allow read access to this file.
I'm okay with this (in other words, Acked-By: Steve Beattie
<sbeattie at ubuntu.com>), but how stable is this feature? Are there likely
more fixes coming that will require additional access?
> ------------------------------------------------------------
> revno: 1928
> committer: Jamie Strandboge <jamie at canonical.com>
> branch nick: apparmor-trunk
> timestamp: Tue 2012-01-17 07:12:02 -0600
> message:
> Adjust dnsmasq profile for read access to /{,var/}run/nm-dns-dnsmasq.conf
> which is needed by NetworkManager integration in Ubuntu. (LP: #917628)
>
> Acked-by: Jamie Strandboge <jamie at canonical.com>
> diff:
> === modified file 'profiles/apparmor.d/usr.sbin.dnsmasq'
> --- profiles/apparmor.d/usr.sbin.dnsmasq 2011-12-17 17:20:53 +0000
> +++ profiles/apparmor.d/usr.sbin.dnsmasq 2012-01-17 13:12:02 +0000
> @@ -51,6 +51,9 @@
> /{,var/}run/libvirt/network/ r,
> /{,var/}run/libvirt/network/*.pid rw,
>
> + # NetworkManager integration
> + /{,var/}run/nm-dns-dnsmasq.conf r,
> +
> # Site-specific additions and overrides. See local/README for details.
> #include <local/usr.sbin.dnsmasq>
> }
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120117/f55916f0/attachment.pgp>
More information about the AppArmor
mailing list