[apparmor] [PATCH] 03/04 avahi profile update for netlink
Seth Arnold
seth.arnold at canonical.com
Wed Sep 3 19:14:48 UTC 2014
On Wed, Aug 27, 2014 at 04:48:52PM -0500, Jamie Strandboge wrote:
> On 08/27/2014 04:34 PM, Jamie Strandboge wrote:
> > Starting a subthread for some additions to John's patches. This series assumes
> > John's 12 patches are applied and includes updates to the apparmor.d man page
> > and some policy updates. I expect I might have to adjust this a bit, but wanted
> > to send it up for comment. Let's have an ACK mean to apply it once it is safe to
> > do so.
> >
> avahi uses the less common SOCK_DGRAM type instead of SOCK_RAW with netlink, so
> add rule for that.
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
>
>
> --
> Jamie Strandboge http://www.ubuntu.com/
> Author: Jamie Strandboge <jamie at canonical.com>
> Description: update avahi-daemon for fine-grained netlink mediation
> Forwarded: no
>
> Index: apparmor-2.8.96~2541/profiles/apparmor.d/usr.sbin.avahi-daemon
> ===================================================================
> --- apparmor-2.8.96~2541.orig/profiles/apparmor.d/usr.sbin.avahi-daemon
> +++ apparmor-2.8.96~2541/profiles/apparmor.d/usr.sbin.avahi-daemon
> @@ -12,6 +12,8 @@
> capability setgid,
> capability sys_chroot,
>
> + network netlink dgram,
> +
> /etc/avahi/ r,
> /etc/avahi/avahi-daemon.conf r,
> /etc/avahi/hosts r,
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140903/cff7d911/attachment.pgp>
More information about the AppArmor
mailing list