[apparmor] [patch] extra profiles: update vsftpd profile
Christian Boltz
apparmor at cboltz.de
Mon Dec 1 22:47:07 UTC 2014
Hello,
that's what you get from manually beautifying a profile before sending a
patch - it's @{pid}, not @{PID}.
Updated patch:
=== modified file 'profiles/apparmor/profiles/extras/usr.sbin.vsftpd'
--- profiles/apparmor/profiles/extras/usr.sbin.vsftpd 2010-12-20 20:29:10 +0000
+++ profiles/apparmor/profiles/extras/usr.sbin.vsftpd 2014-12-01 22:45:57 +0000
@@ -1,6 +1,7 @@
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
+# Copyright (C) 2014 Christian Boltz
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
@@ -16,14 +17,18 @@
#include <abstractions/authentication>
/dev/urandom r,
+ /etc/environment r,
/etc/fstab r,
+ /etc/ftpusers r,
/etc/hosts.allow r,
/etc/hosts.deny r,
/etc/mtab r,
/etc/shells r,
/etc/vsftpd.* r,
/etc/vsftpd/* r,
+ /@{PROC}/@{pid}/mounts r,
/usr/sbin/vsftpd rmix,
+ /{,var/}run/utmp rk,
/var/log/vsftpd.log w,
/var/log/xferlog w,
# anon chroots
Regards,
Christian Boltz
--
> Das ist wieder so ein schöner Popcorn-Thread, zu dem ich
> meinen Senf dazu geben will:
Popcorn mit Senf....<schauder/> :-)
[> Jens Nixdorf und Rainer Koenig in suse-linux]
More information about the AppArmor
mailing list