86ade05802
- add patch with upstream changes since 2.7.0 beta2 release - add example parser.conf - print warning if profile cache directory doesn't exist - remove initscript for no longer existing aa-eventd (bnc#720617) - set correct $HOME in aa-notify - enable caching of profiles (= massive speedup) (bnc#689458) - add comments for patches in .spec and comments in some patches - run spec-cleaner - add libtool as buildrequire to make the spec file more reliable OBS-URL: https://build.opensuse.org/request/show/87208 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=24
67 lines
1.9 KiB
Plaintext
67 lines
1.9 KiB
Plaintext
Thu Jan 6 16:23:19 UTC 2011 - rhafer@suse.de
|
|
|
|
- Splitted ldap related things from nameservice into separate
|
|
profile and added some missing paths (bnc#662761)
|
|
|
|
|
|
---
|
|
profiles/apparmor.d/abstractions/ldapclient | 21 +++++++++++++++++++++
|
|
profiles/apparmor.d/abstractions/nameservice | 8 +++-----
|
|
2 files changed, 24 insertions(+), 5 deletions(-)
|
|
|
|
--- /dev/null
|
|
+++ b/profiles/apparmor.d/abstractions/ldapclient
|
|
@@ -0,0 +1,21 @@
|
|
+# ------------------------------------------------------------------
|
|
+#
|
|
+# Copyright (C) 2011 Novell/SUSE
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of version 2 of the GNU General Public
|
|
+# License published by the Free Software Foundation.
|
|
+#
|
|
+# ------------------------------------------------------------------
|
|
+
|
|
+ # files required by LDAP clients (e.g. nss_ldap/pam_ldap)
|
|
+ /etc/ldap.conf r,
|
|
+ /etc/ldap.secret r,
|
|
+ /etc/openldap/* r,
|
|
+ /etc/openldap/cacerts/* r,
|
|
+
|
|
+ # SASL plugins and config
|
|
+ /etc/sasl2/* r,
|
|
+ /usr/lib{,32,64}/sasl2/* r,
|
|
+
|
|
+ #include <abstractions/ssl_certs>
|
|
--- a/profiles/apparmor.d/abstractions/nameservice
|
|
+++ b/profiles/apparmor.d/abstractions/nameservice
|
|
@@ -16,8 +16,6 @@
|
|
/etc/group r,
|
|
/etc/host.conf r,
|
|
/etc/hosts r,
|
|
- /etc/ldap.conf r,
|
|
- /etc/ldap.secret r,
|
|
/etc/nsswitch.conf r,
|
|
/etc/gai.conf r,
|
|
/etc/passwd r,
|
|
@@ -32,9 +30,6 @@
|
|
|
|
/etc/samba/lmhosts r,
|
|
/etc/services r,
|
|
- # all openldap config
|
|
- /etc/openldap/* r,
|
|
- /etc/ldap/** r,
|
|
# db backend
|
|
/var/lib/misc/*.db r,
|
|
# The Name Service Cache Daemon can cache lookups, sometimes leading
|
|
@@ -60,6 +55,9 @@
|
|
# nis
|
|
#include <abstractions/nis>
|
|
|
|
+ # ldap
|
|
+ #include <abstractions/ldapclient>
|
|
+
|
|
# winbind
|
|
#include <abstractions/winbind>
|
|
|