Accepting request 941674 from home:npower:branches:security:apparmor
- Modify add-samba-bgqd.diff: Add new rule to fix new "DENIED operation="file_mmap" violation in SLE15-SP4; (bsc#1192336). OBS-URL: https://build.opensuse.org/request/show/941674 OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=312
This commit is contained in:
Git OBS Bridge
parent
880c63e84b
commit
29f71f58a2
@ -14,12 +14,11 @@ Date: Fri Oct 15 22:02:36 2021 +0200
|
|||||||
|
|
||||||
Fixes: https://bugzilla.opensuse.org/show_bug.cgi?id=1191532
|
Fixes: https://bugzilla.opensuse.org/show_bug.cgi?id=1191532
|
||||||
|
|
||||||
diff --git a/profiles/apparmor.d/samba-bgqd b/profiles/apparmor.d/samba-bgqd
|
Index: apparmor-3.0.3/profiles/apparmor.d/samba-bgqd
|
||||||
new file mode 100644
|
===================================================================
|
||||||
index 00000000..c81c64f1
|
|
||||||
--- /dev/null
|
--- /dev/null
|
||||||
+++ b/profiles/apparmor.d/samba-bgqd
|
+++ apparmor-3.0.3/profiles/apparmor.d/samba-bgqd
|
||||||
@@ -0,0 +1,18 @@
|
@@ -0,0 +1,20 @@
|
||||||
+abi <abi/3.0>,
|
+abi <abi/3.0>,
|
||||||
+
|
+
|
||||||
+include <tunables/global>
|
+include <tunables/global>
|
||||||
@ -35,13 +34,15 @@ index 00000000..c81c64f1
|
|||||||
+ @{PROC}/sys/kernel/core_pattern r,
|
+ @{PROC}/sys/kernel/core_pattern r,
|
||||||
+ @{run}/samba/samba-bgqd.pid wk,
|
+ @{run}/samba/samba-bgqd.pid wk,
|
||||||
+
|
+
|
||||||
|
+ /usr/lib*/samba/samba-bgqd m,
|
||||||
|
+
|
||||||
+ # Site-specific additions and overrides. See local/README for details.
|
+ # Site-specific additions and overrides. See local/README for details.
|
||||||
+ include if exists <local/samba-bgqd>
|
+ include if exists <local/samba-bgqd>
|
||||||
+}
|
+}
|
||||||
diff --git a/profiles/apparmor.d/usr.sbin.smbd b/profiles/apparmor.d/usr.sbin.smbd
|
Index: apparmor-3.0.3/profiles/apparmor.d/usr.sbin.smbd
|
||||||
index 92305564..b8fdad15 100644
|
===================================================================
|
||||||
--- a/profiles/apparmor.d/usr.sbin.smbd
|
--- apparmor-3.0.3.orig/profiles/apparmor.d/usr.sbin.smbd
|
||||||
+++ b/profiles/apparmor.d/usr.sbin.smbd
|
+++ apparmor-3.0.3/profiles/apparmor.d/usr.sbin.smbd
|
||||||
@@ -24,6 +24,8 @@ profile smbd /usr/{bin,sbin}/smbd {
|
@@ -24,6 +24,8 @@ profile smbd /usr/{bin,sbin}/smbd {
|
||||||
capability sys_resource,
|
capability sys_resource,
|
||||||
capability sys_tty_config,
|
capability sys_tty_config,
|
||||||
|
|||||||
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Dec 20 11:01:50 UTC 2021 - Noel Power <nopower@suse.com>
|
||||||
|
|
||||||
|
- Modify add-samba-bgqd.diff: Add new rule to fix new "DENIED
|
||||||
|
operation="file_mmap" violation in SLE15-SP4; (bsc#1192336).
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sun Dec 19 21:42:54 UTC 2021 - Christian Boltz <suse-beta@cboltz.de>
|
Sun Dec 19 21:42:54 UTC 2021 - Christian Boltz <suse-beta@cboltz.de>
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user