Accepting request 319660 from home:cboltz
- add apparmor-winbindd-r3213.diff - add missing k permissions for /etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19) OBS-URL: https://build.opensuse.org/request/show/319660 OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=138
This commit is contained in:
parent
7ae1344363
commit
3c2e40e824
29
apparmor-winbindd-r3213.diff
Normal file
29
apparmor-winbindd-r3213.diff
Normal file
@ -0,0 +1,29 @@
|
||||
------------------------------------------------------------
|
||||
revno: 3213
|
||||
committer: Christian Boltz <apparmor@cboltz.de>
|
||||
branch nick: apparmor
|
||||
timestamp: Thu 2015-07-30 22:03:02 +0200
|
||||
message:
|
||||
winbindd profile: allow k for /etc/samba/smbd.tmp/msg/*
|
||||
|
||||
References: https://bugzilla.opensuse.org/show_bug.cgi?id=921098 starting at comment 15
|
||||
|
||||
|
||||
Acked-by: Steve Beattie <steve@nxnw.org> for trunk and 2.9
|
||||
|
||||
|
||||
=== modified file 'profiles/apparmor.d/usr.sbin.winbindd'
|
||||
--- profiles/apparmor.d/usr.sbin.winbindd 2015-05-18 23:25:26 +0000
|
||||
+++ profiles/apparmor.d/usr.sbin.winbindd 2015-07-30 20:03:02 +0000
|
||||
@@ -15,7 +15,7 @@
|
||||
/etc/samba/secrets.tdb rwk,
|
||||
/etc/samba/smbd.tmp/ rw,
|
||||
/etc/samba/smbd.tmp/msg/ rw,
|
||||
- /etc/samba/smbd.tmp/msg/* rw,
|
||||
+ /etc/samba/smbd.tmp/msg/* rwk,
|
||||
@{PROC}/sys/kernel/core_pattern r,
|
||||
/tmp/.winbindd/ w,
|
||||
/tmp/krb5cc_* rwk,
|
||||
|
||||
|
||||
vim:ft=diff
|
@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 30 20:08:20 UTC 2015 - opensuse@cboltz.de
|
||||
|
||||
- add apparmor-winbindd-r3213.diff - add missing k permissions for
|
||||
/etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 23 22:16:35 UTC 2015 - opensuse@cboltz.de
|
||||
|
||||
|
@ -95,6 +95,9 @@ Patch7: apparmor-lessopen-profile.patch
|
||||
# boo#862170 - fix ugly initscript output (commited upstream trunk r3208)
|
||||
Patch8: fix-initscript-aa_log_end_msg.diff
|
||||
|
||||
# additional winbindd permissions (commited upstream trunk r3213, 2.9 r2946) - (boo#921098 #c15..19)
|
||||
Patch9: apparmor-winbindd-r3213.diff
|
||||
|
||||
Url: https://launchpad.net/apparmor
|
||||
PreReq: sed
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
@ -440,6 +443,7 @@ SubDomain.
|
||||
%patch6
|
||||
%patch7 -p1
|
||||
%patch8
|
||||
%patch9
|
||||
|
||||
# search for left-over multiline rules
|
||||
test -z "$(grep -r '^\s*\(unix\|dbus\)[^,]\(([^)]*)\)*[^,]*$' profiles/apparmor.d/)"
|
||||
|
Loading…
Reference in New Issue
Block a user