[apparmor] [patch] adjust unbound profile for openSUSE

Christian Boltz apparmor at cboltz.de
Mon Feb 1 20:55:08 UTC 2016


Am Montag, 1. Februar 2016, 15:23:46 CET schrieb Simon Deziel:
> On 2016-01-31 11:56 AM, Christian Boltz wrote:

> > As a sidenote - the capabilities fowner, fsetid and sys_chroot are
> > not needed on openSUSE.
> sys_chroot is needed but fowner/fsetid should be dropped. I just
> tested this on Ubuntu and they are not used any more. I audited all
> the other capabilities and they are used by Unbound 1.5.7.
> The fowner/fsetid are probably leftovers from the initial profile I
> had created for Ubuntu Precise.
> Should I send a follow-up patch or you'll drop fowner/fsetid when
> committing?

Your mail was a bit late (I already commited my patch), so please send a 
patch or merge request ;-)


Christian Boltz
> [1] Schmerzen wg. einer Zerrung
> --
> Nicht alles, was hinkt, ist ein Vergleich.
In manchen Fällen ist es auch ein David Haller... *SCNR*
[> David Haller und Mario van der Linde in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160201/db51824a/attachment.pgp>

More information about the AppArmor mailing list