86efea86c1
- add nscd-var-lib.diff to allow /var/lib/nscd/ in the nscd profile and abstractions/nameservice (path changed in latest nscd in Tumbleweed) Note: The glibc/nscd package that needs this change was already released with the 20161020 snapshot, so it would be a good idea to get the AppArmor profile updates released quickly ;-) OBS-URL: https://build.opensuse.org/request/show/436984 OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=157
27 lines
1.2 KiB
Diff
27 lines
1.2 KiB
Diff
=== modified file 'profiles/apparmor.d/abstractions/nameservice'
|
|
--- profiles/apparmor.d/abstractions/nameservice 2016-06-22 22:15:49 +0000
|
|
+++ profiles/apparmor.d/abstractions/nameservice 2016-10-22 19:55:04 +0000
|
|
@@ -46,7 +46,7 @@
|
|
# to vast speed increases when working with network-based lookups.
|
|
/{,var/}run/.nscd_socket rw,
|
|
/{,var/}run/nscd/socket rw,
|
|
- /{var/db,var/cache,var/run,run}/nscd/{passwd,group,services,hosts} r,
|
|
+ /{var/db,var/cache,var/lib,var/run,run}/nscd/{passwd,group,services,hosts} r,
|
|
# nscd renames and unlinks files in it's operation that clients will
|
|
# have open
|
|
/{,var/}run/nscd/db* rmix,
|
|
|
|
=== modified file 'profiles/apparmor.d/usr.sbin.nscd'
|
|
--- profiles/apparmor.d/usr.sbin.nscd 2016-03-21 20:30:19 +0000
|
|
+++ profiles/apparmor.d/usr.sbin.nscd 2016-10-22 19:54:36 +0000
|
|
@@ -28,7 +28,7 @@
|
|
/{,var/}run/nscd/ rw,
|
|
/{,var/}run/nscd/db* rwl,
|
|
/{,var/}run/nscd/socket wl,
|
|
- /{var/cache,var/run,run}/nscd/{passwd,group,services,hosts,netgroup} rw,
|
|
+ /{var/cache,var/lib,var/run,run}/nscd/{passwd,group,services,hosts,netgroup} rw,
|
|
/{,var/}run/{nscd/,}nscd.pid rwl,
|
|
/var/log/nscd.log rw,
|
|
@{PROC}/@{pid}/cmdline r,
|
|
|