pool/apparmor
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
645ce4a678
apparmor/apparmor-profiles-samba4.diff
Christian Boltz 58f1803dff Accepting request 205608 from home:cboltz 
- apparmor-profiles-samba4.diff, usr.sbin.winbindd: some more profile
  updates for samba 4.x and kerberos (bnc#846054#c12 and #c15)

Please include this change in 13.1.

OBS-URL: https://build.opensuse.org/request/show/205608
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=62
2013-11-02 16:11:42 +00:00

66 lines
2.4 KiB
Diff
Raw Blame History

=== modified file 'profiles/apparmor.d/abstractions/samba'
--- profiles/apparmor.d/abstractions/samba 2011-08-26 23:52:27 +0000
+++ profiles/apparmor.d/abstractions/samba 2013-10-15 20:36:33 +0000
@@ -11,6 +11,7 @@
/etc/samba/* r,
/usr/share/samba/*.dat r,
+ /usr/share/samba/codepages/{lowcase,upcase,valid}.dat r,
/var/lib/samba/**.tdb rwk,
/var/log/samba/cores/ rw,
/var/log/samba/cores/** rw,
=== modified file 'profiles/apparmor.d/usr.sbin.nmbd'
--- profiles/apparmor.d/usr.sbin.nmbd 2011-08-27 18:50:42 +0000
+++ profiles/apparmor.d/usr.sbin.nmbd 2013-10-20 11:54:48 +0000
@@ -11,7 +11,9 @@
/usr/sbin/nmbd mr,
+ /var/cache/samba/gencache.tdb rwk,
/var/{cache,lib}/samba/browse.dat* rw,
+ /var/{cache,lib}/samba/gencache.dat rw,
/var/{cache,lib}/samba/wins.dat* rw,
/var/{cache,lib}/samba/smb_krb5/ rw,
/var/{cache,lib}/samba/smb_krb5/krb5.conf* rw,
=== modified file 'profiles/apparmor.d/usr.sbin.smbd'
--- profiles/apparmor.d/usr.sbin.smbd 2012-01-10 18:06:24 +0000
+++ profiles/apparmor.d/usr.sbin.smbd 2013-10-15 20:36:33 +0000
@@ -29,16 +29,21 @@
/usr/lib*/samba/vfs/*.so mr,
/usr/lib*/samba/charset/*.so mr,
/usr/lib*/samba/auth/script.so mr,
- /usr/lib*/samba/{lowercase,upcase,valid}.dat r,
+ /usr/lib*/samba/pdb/*.so mr,
+ /usr/lib*/samba/{lowercase,lowcase,upcase,valid}.dat r,
/usr/sbin/smbd mr,
/usr/sbin/smbldap-useradd Px,
/var/cache/samba/** rwk,
/var/cache/samba/printing/printers.tdb mrw,
/var/lib/samba/** rwk,
/var/lib/samba/printers/** rw,
+ /var/lib/sss/mc/passwd r,
+ /var/lib/sss/pubconf/kdcinfo.* r,
/{,var/}run/cups/cups.sock rw,
/{,var/}run/dbus/system_bus_socket rw,
/{,var/}run/samba/** rk,
+ /{,var/}run/samba/ncalrpc/ rw,
+ /{,var/}run/samba/ncalrpc/** rw,
/{,var/}run/samba/smbd.pid rw,
/var/log/samba/cores/smbd/ rw,
/var/log/samba/cores/smbd/** rw,
Index: profiles/apparmor.d/abstractions/kerberosclient
===================================================================
--- profiles/apparmor.d/abstractions/kerberosclient.orig 2011-03-23 20:24:11.000000000 +0100
+++ profiles/apparmor.d/abstractions/kerberosclient 2013-11-02 15:04:27.267448981 +0100
@@ -20,7 +20,7 @@
/usr/lib/@{multiarch}/krb5/plugins/preauth/ r,
/usr/lib/@{multiarch}/krb5/plugins/preauth/* mr,
- /etc/krb5.keytab r,
+ /etc/krb5.keytab rk,
/etc/krb5.conf r,
# config files found via strings on libs
Reference in New Issue View Git Blame Copy Permalink