From: Jeff Mahoney <jeffm@suse.com>
Subject: dhcpd: Fix apparmor profile
References: bnc#692428

 This patch adds the network rules needed, corrects the path to dhcpd.leases,
 and adds the path for TSIG DNS keys.

Reported-by: Andrew Beames <suseforum@roocomputing.co.uk>
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
---
 profiles/apparmor/profiles/extras/usr.sbin.dhcpd |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

--- a/profiles/apparmor/profiles/extras/usr.sbin.dhcpd
+++ b/profiles/apparmor/profiles/extras/usr.sbin.dhcpd
@@ -21,12 +21,17 @@
   capability setuid,
   capability sys_chroot,
 
+  network inet raw,
+  network packet raw,
+
   /db/dhcpd.leases*     lrw,
   /etc/dhcpd.conf	r,
   /etc/hosts.allow	r,
   /etc/hosts.deny	r,
   /usr/sbin/dhcpd	rmix,
-  /var/lib/dhcp/dhcpd.leases*	rwl,
+  /var/lib/dhcp/db/dhcpd.leases*	rwl,
   /var/lib/dhcp/etc/dhcpd.conf  r,
   /var/run/dhcpd.pid	wl,
+  /etc/named.d/*	r,
+  @{PROC}/net/dev	r,
 }