[apparmor] [patch] update dovecot-lda profile
apparmor at cboltz.de
Thu Apr 6 22:24:59 UTC 2017
Am Montag, 3. April 2017, 23:17:51 CEST schrieb Steve Beattie:
> On Sun, Apr 02, 2017 at 01:20:52PM +0200, Christian Boltz wrote:
> > dovecot-lda needs
> > - the attach_disconnected flags
> > - read access to /usr/share/dovecot/protocols.d/
> > - rw for /run/dovecot/auth-userdb
> > References: https://bugs.launchpad.net/bugs/1650827
> > I propose this patch for 2.9, 2.10 and trunk.
> Acked-by: Steve Beattie <steve at nxnw.org> for all three, though...
> > [ dovecot-lda-lp1650827.diff ]
> > === modified file 'profiles/apparmor.d/usr.lib.dovecot.dovecot-lda'
> > + /usr/share/dovecot/protocols.d/ r,
> I'm surprised that there isn't any need to read files in that
> directory. Unless in this configuration there's nothing within that
> directory for dovecot-lda specifically.
Theoretically a good point, but -
On my system, the directory doesn't even exist, so let's just wait until
someone complains about permission errors inside that directory ;-)
Also, the log messages in the bugreport were for complain mode, and
there was only a log event for the directory, not for any files in it.
> I'd like to see systemctl accepting "abbreviated" service names, as
> in without the ".service" which is so very redundant, for starters.
You must love the speed we implement your wishes!
Frederic went ahead and commited your wish like... 6 months ago or so :)
[> Claudio Freire and Dominique Leuenberger in opensuse-packaging]
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part.
More information about the AppArmor