[apparmor] [patch] adjust unbound profile for openSUSE
Christian Boltz
apparmor at cboltz.de
Mon Feb 1 20:55:08 UTC 2016
Hello,
Am Montag, 1. Februar 2016, 15:23:46 CET schrieb Simon Deziel:
> On 2016-01-31 11:56 AM, Christian Boltz wrote:
> > As a sidenote - the capabilities fowner, fsetid and sys_chroot are
> > not needed on openSUSE.
>
> sys_chroot is needed but fowner/fsetid should be dropped. I just
> tested this on Ubuntu and they are not used any more. I audited all
> the other capabilities and they are used by Unbound 1.5.7.
>
> The fowner/fsetid are probably leftovers from the initial profile I
> had created for Ubuntu Precise.
>
> Should I send a follow-up patch or you'll drop fowner/fsetid when
> committing?
Your mail was a bit late (I already commited my patch), so please send a
patch or merge request ;-)
Regards,
Christian Boltz
--
> [1] Schmerzen wg. einer Zerrung
> --
> Nicht alles, was hinkt, ist ein Vergleich.
In manchen Fällen ist es auch ein David Haller... *SCNR*
[> David Haller und Mario van der Linde in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160201/db51824a/attachment.pgp>
More information about the AppArmor
mailing list