[apparmor] [patch] Allow /var/cache/samba/lck/* in abstractions/samba
Christian Boltz
apparmor at cboltz.de
Tue Oct 25 18:26:07 UTC 2016
Hello,
nmbd, winbindd (and most probably also smbd - but it has a more
permissive profile that already allows this) need rw access to
/var/cache/samba/lck/* on Debian 8.6.
Reported by FLD on IRC.
I propose this patch for trunk, 2.10 and 2.9.
[ abstractions-samba-lck.diff ]
--- profiles/apparmor.d/abstractions/samba 2016-10-14 00:35:27.514276563 +0200
+++ profiles/apparmor.d/abstractions/samba 2016-10-25 20:21:09.330928549 +0200
@@ -16,6 +16,7 @@
/usr/share/samba/*.dat r,
/usr/share/samba/codepages/{lowcase,upcase,valid}.dat r,
/var/cache/samba/ w,
+ /var/cache/samba/lck/* rw,
/var/lib/samba/** rwk,
/var/log/samba/cores/ rw,
/var/log/samba/cores/** rw,
Regards,
Christian Boltz
--
> I'm quite sure nobody will follow the "jump into the sea _now_" rule
> just because you offer a karma point for doing that ;-)
Too bad, +100 points for jumping into the sea _now_ was going to be my
first proposal :-)
[> Christian Boltz and Ancor Gonzalez Sosa in opensuse-project]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20161025/7fdb9e2d/attachment.pgp>
More information about the AppArmor
mailing list