Marcus Rueckert
f270973a6c
Accepted submit request 57745 from user jeff_mahoney OBS-URL: https://build.opensuse.org/request/show/57745 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=1
29 lines
825 B
Plaintext
29 lines
825 B
Plaintext
From: Jeff Mahoney <jeffm@suse.com>
|
|
Subject: apparmor: Fix incorrect /proc/*/sys usage in usr.sbin.ntpd
|
|
References: bnc#634801
|
|
|
|
/proc/sys/kernel exists, but /proc/*/sys/kernel doesn't. This patch
|
|
fixes the profile.
|
|
|
|
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
|
|
---
|
|
profiles/apparmor.d/usr.sbin.ntpd | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
--- a/profiles/apparmor.d/usr.sbin.ntpd
|
|
+++ b/profiles/apparmor.d/usr.sbin.ntpd
|
|
@@ -59,11 +59,11 @@
|
|
/var/run/ntpd.pid w,
|
|
/var/tmp/ntp* rwl,
|
|
@{PROC}/*/net/if_inet6 r,
|
|
- @{PROC}/*/sys/kernel/ngroups_max r,
|
|
+ @{PROC}/sys/kernel/ngroups_max r,
|
|
|
|
# allow access for when chrooted
|
|
/var/lib/ntp/@{PROC}/*/net/if_inet6 r,
|
|
- /var/lib/ntp/@{PROC}/*/sys/kernel/ngroups_max r,
|
|
+ /var/lib/ntp/@{PROC}/sys/kernel/ngroups_max r,
|
|
|
|
@{NTPD_DEVICE} rw,
|
|
}
|