[apparmor] [patch] extra profiles: update vsftpd profile
Steve Beattie
steve at nxnw.org
Tue Dec 2 17:17:08 UTC 2014
On Mon, Dec 01, 2014 at 11:47:07PM +0100, Christian Boltz wrote:
> that's what you get from manually beautifying a profile before sending a
> patch - it's @{pid}, not @{PID}.
>
> Updated patch:
Acked-by: Steve Beattie <steve at nxnw.org>
It'd be nice to fix up the tab vs whitespace issue in a couple of lines
while you're there. (No need for review.)
> === modified file 'profiles/apparmor/profiles/extras/usr.sbin.vsftpd'
> --- profiles/apparmor/profiles/extras/usr.sbin.vsftpd 2010-12-20 20:29:10 +0000
> +++ profiles/apparmor/profiles/extras/usr.sbin.vsftpd 2014-12-01 22:45:57 +0000
> @@ -1,6 +1,7 @@
> # ------------------------------------------------------------------
> #
> # Copyright (C) 2002-2005 Novell/SUSE
> +# Copyright (C) 2014 Christian Boltz
> #
> # This program is free software; you can redistribute it and/or
> # modify it under the terms of version 2 of the GNU General Public
> @@ -16,14 +17,18 @@
> #include <abstractions/authentication>
>
> /dev/urandom r,
> + /etc/environment r,
> /etc/fstab r,
> + /etc/ftpusers r,
> /etc/hosts.allow r,
> /etc/hosts.deny r,
> /etc/mtab r,
> /etc/shells r,
> /etc/vsftpd.* r,
> /etc/vsftpd/* r,
> + /@{PROC}/@{pid}/mounts r,
> /usr/sbin/vsftpd rmix,
> + /{,var/}run/utmp rk,
> /var/log/vsftpd.log w,
> /var/log/xferlog w,
> # anon chroots
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20141202/5e0c8b6c/attachment.pgp>
More information about the AppArmor
mailing list