pool/apparmor
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 320064 from security:apparmor

Browse Source 
- add apparmor-winbindd-r3213.diff - add missing k permissions for
  /etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)

OBS-URL: https://build.opensuse.org/request/show/320064
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=89
This commit is contained in:
Dominique Leuenberger 2015-08-06 22:16:52 +00:00 committed by Git OBS Bridge
commit 7ff6eff654
3 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
apparmor-winbindd-r3213.diff Normal file
View File

@ -0,0 +1,29 @@
------------------------------------------------------------
revno: 3213
committer: Christian Boltz <apparmor@cboltz.de>
branch nick: apparmor
timestamp: Thu 2015-07-30 22:03:02 +0200
message:
winbindd profile: allow k for /etc/samba/smbd.tmp/msg/*
References: https://bugzilla.opensuse.org/show_bug.cgi?id=921098 starting at comment 15
Acked-by: Steve Beattie <steve@nxnw.org> for trunk and 2.9
=== modified file 'profiles/apparmor.d/usr.sbin.winbindd'
--- profiles/apparmor.d/usr.sbin.winbindd 2015-05-18 23:25:26 +0000
+++ profiles/apparmor.d/usr.sbin.winbindd 2015-07-30 20:03:02 +0000
@@ -15,7 +15,7 @@
/etc/samba/secrets.tdb rwk,
/etc/samba/smbd.tmp/ rw,
/etc/samba/smbd.tmp/msg/ rw,
- /etc/samba/smbd.tmp/msg/* rw,
+ /etc/samba/smbd.tmp/msg/* rwk,
@{PROC}/sys/kernel/core_pattern r,
/tmp/.winbindd/ w,
/tmp/krb5cc_* rwk,
vim:ft=diff

6
apparmor.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Jul 30 20:08:20 UTC 2015 - opensuse@cboltz.de
- add apparmor-winbindd-r3213.diff - add missing k permissions for
/etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jul 23 22:16:35 UTC 2015 - opensuse@cboltz.de Thu Jul 23 22:16:35 UTC 2015 - opensuse@cboltz.de

4
apparmor.spec
View File

@ -95,6 +95,9 @@ Patch7: apparmor-lessopen-profile.patch
# boo#862170 - fix ugly initscript output (commited upstream trunk r3208) # boo#862170 - fix ugly initscript output (commited upstream trunk r3208)
Patch8: fix-initscript-aa_log_end_msg.diff Patch8: fix-initscript-aa_log_end_msg.diff
# additional winbindd permissions (commited upstream trunk r3213, 2.9 r2946) - (boo#921098 #c15..19)
Patch9: apparmor-winbindd-r3213.diff
Url: https://launchpad.net/apparmor Url: https://launchpad.net/apparmor
PreReq: sed PreReq: sed
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -440,6 +443,7 @@ SubDomain.
%patch6 %patch6
%patch7 -p1 %patch7 -p1
%patch8 %patch8
%patch9
# search for left-over multiline rules # search for left-over multiline rules
test -z "$(grep -r '^\s*\(unix\|dbus\)[^,]\(([^)]*)\)*[^,]*$' profiles/apparmor.d/)" test -z "$(grep -r '^\s*\(unix\|dbus\)[^,]\(([^)]*)\)*[^,]*$' profiles/apparmor.d/)"