[apparmor] [patch] update paths in nscd profile to allow /run/nscd
Seth Arnold
seth.arnold at canonical.com
Mon Nov 17 18:57:18 UTC 2014
On Sun, Nov 16, 2014 at 03:05:31PM +0100, Christian Boltz wrote:
> Hello,
>
> this patch allows the usage of /run/nscd/ for runtime files in the nscd
> profile.
>
> References: https://bugzilla.novell.com/show_bug.cgi?id=904620#c14
>
> Notes and questions:
> There are some differences to abstractions/nameservice:
> - the nscd profile doesn't cover /var/db/ - is this used by some
> distribution?
> - abstractions/nameservice allows "host" instead of "hosts". Is this
> really correct/intentional or is it a bug in the abstraction?
Looks like a bug: http://codesearch.debian.net/search?q=nscd%2Fhost
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
>
>
> === modified file 'profiles/apparmor.d/usr.sbin.nscd'
> --- profiles/apparmor.d/usr.sbin.nscd 2013-10-09 12:39:58 +0000
> +++ profiles/apparmor.d/usr.sbin.nscd 2014-11-16 14:02:06 +0000
> @@ -28,7 +28,7 @@
> /{,var/}run/nscd/ rw,
> /{,var/}run/nscd/db* rwl,
> /{,var/}run/nscd/socket wl,
> - /var/{cache,run}/nscd/{passwd,group,services,hosts,netgroup} rw,
> + /{var/cache,var/run,run}/nscd/{passwd,group,services,hosts,netgroup} rw,
> /{,var/}run/{nscd/,}nscd.pid rwl,
> /var/log/nscd.log rw,
> @{PROC}/@{pid}/fd/ r,
>
>
>
>
> Regards,
>
> Christian Boltz
> --
> > [feste Stringlängen in C] Dafür gibt's #defines.
> Und jedesmal ein neuer Build, wenn sich irgendwo eine Länge ändert.
> Cool! Den Versionszähler kann man sich dann als Ventilator in die
> Küche hängen ;-) [> Thorsten Haude und Jan Trippler in suse-linux]
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20141117/6542b6dc/attachment.pgp>
More information about the AppArmor
mailing list