[apparmor] phpsysinfo policy updates

Seth Arnold seth.arnold at canonical.com
Mon Sep 8 23:42:42 UTC 2014 

On Mon, Sep 08, 2014 at 04:29:03PM -0500, Jamie Strandboge wrote:
> 
> phpsysinfo on Ubuntu 14.10 needs some updates. Here is a patch to do that.
> 
> -- 
> Jamie Strandboge                 http://www.ubuntu.com/

If it needs /etc/udev/udev.conf I'm surprised it didn't want /etc/udev/**
as well.

Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks

> Author: Jamie Strandboge <jamie at canonical.com>
> Description: miscellaneous updates for phpsysinfo on Ubuntu 14.10
> Forwarded: yes
> 
> Index: apparmor-2.8.96~2652/profiles/apparmor.d/apache2.d/phpsysinfo
> ===================================================================
> --- apparmor-2.8.96~2652.orig/profiles/apparmor.d/apache2.d/phpsysinfo
> +++ apparmor-2.8.96~2652/profiles/apparmor.d/apache2.d/phpsysinfo
> @@ -5,6 +5,7 @@
>      #include <abstractions/apache2-common>
>      #include <abstractions/base>
>      #include <abstractions/nameservice>
> +    #include <abstractions/php5>
>      #include <abstractions/python>
>  
>      /bin/dash ixr,
> @@ -17,24 +18,31 @@
>      /etc/lsb-release r,
>      /etc/mtab r,
>      /etc/phpsysinfo/config.php r,
> +    /etc/udev/udev.conf r,
>      @{PROC}/** r,
> +    /sys/bus/ r,
>      /sys/bus/pci/devices/ r,
> +    /sys/bus/pci/slots/ r,
> +    /sys/bus/pci/slots/** r,
> +    /sys/bus/usb/devices/ r,
> +    /sys/class/ r,
>      /sys/devices/** r,
> +    /usr/bin/ r,
>      /usr/bin/apt-cache ixr,
>      /usr/bin/dpkg-query ixr,
>      /usr/bin/lsb_release ixr,
>      /usr/bin/lspci ixr,
>      /usr/bin/who ixr,
> -    /usr/sbin/lsusb ixr,
> +    /usr/{,s}bin/lsusb ixr,
>      /usr/share/phpsysinfo/** r,
> +    /var/lib/dpkg/arch r,
>      /var/lib/dpkg/available r,
>      /var/lib/dpkg/status r,
>      /var/lib/dpkg/triggers/* r,
>      /var/lib/dpkg/updates/ r,
> -    /var/lib/misc/usb.ids r,
> +    /var/lib/{misc,usbutils}/usb.ids r,
>      /var/log/apache2/access.log w,
>      /var/log/apache2/error.log w,
>      /{,var/}run/utmp rk,
>      /usr/share/misc/pci.ids r,
> -
>    }




> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140908/d3ce2f54/attachment.pgp>

More information about the AppArmor mailing list