[apparmor] profile for samba winbindd
Christian Boltz
apparmor at cboltz.de
Wed May 9 22:42:17 UTC 2012
Hello,
this is the profile for samba's winbindd I added to the openSUSE package
(in Factory) some time ago. Until now I didn't receive any bugreports so
I'd say it's complete ;-)
I propose to add this profile to profiles/apparmor.d/ to have it active
by default.
# Last Modified: Mon Mar 26 20:28:18 2012
#include <tunables/global>
/usr/sbin/winbindd {
#include <abstractions/base>
#include <abstractions/nameservice>
/etc/samba/dhcp.conf r,
/etc/samba/passdb.tdb rwk,
/etc/samba/secrets.tdb rwk,
/proc/sys/kernel/core_pattern r,
/tmp/.winbindd/ w,
/usr/lib*/samba/idmap/*.so mr,
/usr/lib*/samba/nss_info/*.so mr,
/usr/sbin/winbindd mr,
/var/lib/samba/account_policy.tdb rwk,
/var/lib/samba/gencache.tdb rwk,
/var/lib/samba/gencache_notrans.tdb rwk,
/var/lib/samba/group_mapping.tdb rwk,
/var/lib/samba/messages.tdb rwk,
/var/lib/samba/netsamlogon_cache.tdb rwk,
/var/lib/samba/serverid.tdb rwk,
/var/lib/samba/winbindd_cache.tdb rwk,
/var/lib/samba/winbindd_privileged/pipe w,
/var/log/samba/cores/ rw,
/var/log/samba/cores/winbindd/ rw,
/var/log/samba/cores/winbindd/** rw,
/var/log/samba/log.wb-* w,
/var/log/samba/log.winbindd rw,
/{var/,}run/samba/winbindd.pid rwk,
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.winbindd>
}
Regards,
Christian Boltz
--
> Ich habe immer so Bißspuren in meiner Tastatur!
> Weiß jemand wieso?
Ist Deine Maus hungrig?
[> Bernd Brodesser und Hannes Vogelmann in suse-linux]
More information about the AppArmor
mailing list