[apparmor] [patch] profiles: add dovecot-common abstraction
Christian Boltz
apparmor at cboltz.de
Tue Jul 8 20:58:38 UTC 2014
Hello,
Am Montag, 7. Juli 2014 schrieb Steve Beattie:
> On Tue, Jul 01, 2014 at 11:06:06PM +0200, Christian Boltz wrote:
> > What's the reason for the "/{var/,}run/dovecot/config rw," rule?
> >
> > None of the dovecot profiles did contain this rule before...
>
> Honestly, I'm not enough of a dovecot expert to know for sure, but
> it's a socket that the /usr/lib/dovecot/config process listens to. It
> shares common code with the doveconf utility (src/config/ in the
> dovecot source tree[1]); I'm *guessing* it lets other dovecot
> processes avoid running doveconf to get parsed dovecot configuration
> info, but finding documentation on it on the dovecot wiki site seems
> beyond my abilities.
Sounds like a reasonable explanation.
Now the interesting question is why I never got any log events for
/{var/,}run/dovecot/config while using dovecot (both in complain and
enforce mode)...
Regards,
Christian Boltz
--
When that limitation is removed, there might be a tendency that
for 12.2 the live image is 800MB, the next 1GB, next one 1.5GB.
If not careful we end up with a live-blu-ray, live-data-centre
or a live-cloud ;-)) [Hans Witvliet in opensuse-factory]
More information about the AppArmor
mailing list