[Bug 317109] Re: Apparmour doesnt support use of /etc/ssl/<servicename>
Jamie Strandboge
jamie at ubuntu.com
Sat Jan 24 14:15:00 GMT 2009
I just check the apparmor profiles for Hardy, Intrepid and Jaunty, and they all have (after including the abstractions):
#include <abstractions/ssl_certs>
/etc/ssl/private/ r,
/etc/ssl/private/* r,
This works out to:
/etc/ssl/ r,
/etc/ssl/certs/ r,
/etc/ssl/certs/* r,
/etc/ssl/private/ r,
/etc/ssl/private/* r,
I think if this is going to be fixed, it should be fixed in the apparmor package, so am moving it there. The question then becomes, should /etc/apparmor.d/abstractions/ssl_certs become:
/etc/ssl/ r,
/etc/ssl/* r,
This would obviate the need for references to /etc/ssl/private/ (and
abstractions/ssl_keys on Jaunty). What do people think?
** Changed in: openldap2.3 (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) => (unassigned)
Status: Confirmed => Invalid
** Changed in: apparmor (Ubuntu)
Sourcepackagename: openldap => apparmor
--
Apparmour doesnt support use of /etc/ssl/<servicename>
https://bugs.launchpad.net/bugs/317109
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap2.3 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list