[apparmor] [patch] Update the /sbin/dhclient profile
Christian Boltz
apparmor at cboltz.de
Tue Sep 8 21:58:14 UTC 2015
Hello,
Am Dienstag, 8. September 2015 schrieb Steve Beattie:
> On Sun, Sep 06, 2015 at 01:32:06PM +0200, Christian Boltz wrote:
> > Am Samstag, 15. August 2015 schrieb Christian Boltz:
> > > this patch adds some permissions that I need on my system:
> > > - execute nm-dhcp-helper
> > > - read and write /var/lib/dhcp6/dhclient.leases
> > > - read /var/lib/NetworkManager/dhclient-*.conf
> > > - read and write /var/lib/NetworkManager/dhclient-*.conf
> > >
> > > I propose this patch for trunk and 2.9.
> > >
> > > According to the apparmor-profiles repo, Ubuntu ships a
> > > (different?)
> > >
> > > profile for dhclient and Debian thinks about including it:
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795467
> > >
> > > so we should merge it and move it from extras to the default
> > > profiles
> > > (but that's something for another patch ;-)
> >
> > Any comments or reviews?
> >
> > If nobody objects, I'll commit to trunk and 2.9 as Acked-by
> > <timeout> on tuesday.
>
> Looking at what we have in the Ubuntu profile, these
> changes are all fine, though the profile Ubuntu ships has
> /usr/lib/NetworkManager/nm-dhcp-helper broken out into a separate
> profile (Px transition rather than ix).
That's why I wrote that the next step is to merge those profiles - but
that's worth a separate patch ;-)
I take your comment as a "looks-good-by" and will commit the updated
profile as proposed in the patch.
> > > [ update-dhclient-profile.diff ]
Regards,
Christian Boltz
--
> Brauchst Du die sig noch? Ich hab sie nämlich gerade geklaut ;-)
JA!! *uff* ich hab sie noch!!! :)
[> Christian Boltz und David Haller in suse-linux-faq]
More information about the AppArmor
mailing list