apparmor/apparmor-profiles-syslog-ng-fix

34 lines
988 B
Plaintext

--- a/profiles/apparmor.d/sbin.syslog-ng.old 2008-11-05 15:53:00.000000000 +0100
+++ b/profiles/apparmor.d/sbin.syslog-ng 2010-11-05 09:11:23.186489224 +0100
@@ -19,12 +19,14 @@
#include <abstractions/base>
#include <abstractions/consoles>
#include <abstractions/nameservice>
+ #include <abstractions/mysql>
capability chown,
capability dac_override,
capability fsetid,
capability fowner,
capability sys_tty_config,
+ capability sys_resource,
/dev/log w,
/dev/syslog w,
@@ -35,11 +37,14 @@
/etc/hosts.deny r,
/etc/hosts.allow r,
/sbin/syslog-ng mr,
+ /usr/share/syslog-ng/** r,
# chrooted applications
@{CHROOT_BASE}/var/lib/*/dev/log w,
- @{CHROOT_BASE}/var/lib/syslog-ng/syslog-ng.persist rw,
+ @{CHROOT_BASE}/var/lib/syslog-ng/syslog-ng.persist* rw,
@{CHROOT_BASE}/var/log/** w,
@{CHROOT_BASE}/var/run/syslog-ng.pid krw,
+ @{CHROOT_BASE}/var/run/syslog-ng.ctl rw,
+ /var/run/syslog-ng/additional-log-sockets.conf r,
}